Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by pavel sotorník (administrator) on DESKTOP-SF9EVOO (MSI MS-7817) (18-01-2020 10:56:40)
Running from C:\Users\pavel sotorník\Downloads\frst
Loaded Profiles: pavel sotorník (Available Profiles: oem & pavel sotorník)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google) C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\SwReporter\77.224.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\SwReporter\77.224.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\SwReporter\77.224.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\SwReporter\77.224.200\software_reporter_tool.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\pavel sotorník\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Seznam.cz, a.s. -> ) C:\Users\pavel sotorník\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\pavel sotorník\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-12-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\pavel sotorník\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Run: [sznAgent] => C:\Users\pavel sotorník\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {18299CD0-BCFE-45DC-BFA6-620E7649856F} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {25207FFF-F7AB-45BA-82B5-96E0DBE94B53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {258566F8-C417-4426-9AF3-B976DD97EF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {4BEAB9F3-0277-4232-BB48-AE943160ECF1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {8727F0C4-AB16-4D77-85E6-267C745A6672} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {8A207182-770F-40FE-97A0-B7AD3F65E66B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9B53B7E8-09B8-4636-8F8F-DF2C3E5AEA28} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {A8F15F0D-9ABE-46F0-B02C-766EF3C686A8} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-252145539-1094254164-2140920995-1001 => C:\Users\oem\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-11-17] (Mega Limited -> Mega Limited)
Task: {C2688F56-D47E-440D-9011-BF9952C733BA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {E981CCC8-8D6A-4756-9B64-991BF3D40394} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EA780AF9-BB7B-4C00-AD3C-8E2362EF3A29} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {F1FF9FF1-472D-474E-89AF-B2B6FA086BF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{43205905-b91e-4fef-8a13-f130554ef9b2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {040EF25D-B79E-487D-B5AF-725148F542C8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {0B7781B4-6F2E-44C2-9ED0-F8BDC38E8866} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {1D6B758D-05B1-43F7-A774-9E96466430BB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {2B72F5E2-3B40-473D-8DA7-A93A4F4D0BE5} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {35F047D7-02D9-4382-8508-D49D340405F1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {7B37B409-0223-406C-ADE8-B7FD54739907} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {84CD6C97-DCDA-4CCF-BF22-EA22972F6D20} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {9631A524-789A-43C0-B09F-B1E54A72D5D9} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {F1B36143-2D8E-4A4B-81C1-42E70150D6D3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: 493epr7n.default
FF ProfilePath: C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default [2020-01-18]
FF Notifications: Mozilla\Firefox\Profiles\493epr7n.default -> hxxps://www.facebook.com; hxxps://openload.co
FF NewTabOverride: Mozilla\Firefox\Profiles\493epr7n.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-28]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-02]
FF Extension: (No Name) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (Seznam lištička) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2020-01-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252145539-1094254164-2140920995-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pavel sotorník\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies SF -> Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Profile: C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (Dokumenty) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-11]
CHR Extension: (Disk Google) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-06]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-16]
CHR Extension: (YouTube) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-12]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-01-18]
CHR Extension: (Gmail) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-06]
CHR Extension: (Chrome Media Router) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-27] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 10:33 - 2020-01-18 10:57 - 000000000 ____D C:\FRST
2020-01-18 10:32 - 2020-01-18 10:56 - 000000000 ____D C:\Users\pavel sotorník\Downloads\frst
2020-01-18 10:23 - 2020-01-18 10:23 - 000000000 ____D C:\Users\pavel sotorník\AppData\Local\D3DSCache
2020-01-16 09:31 - 2020-01-16 09:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 09:30 - 2020-01-16 09:31 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 09:11 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 09:11 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 14:28 - 2020-01-14 14:28 - 001635937 _____ C:\Users\pavel sotorník\Desktop\Ubytovací poplatek-obecní vyhláška.pdf
2020-01-11 09:50 - 2020-01-11 09:51 - 000426483 _____ C:\Users\pavel sotorník\Downloads\zrušení_prac.poměru__Pánková08012020.pdf
2020-01-09 09:41 - 2020-01-17 19:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-02 16:25 - 2020-01-02 16:25 - 000700416 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA V.ppt
2020-01-02 16:24 - 2020-01-02 16:24 - 000267955 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA IV.ppsx
2020-01-02 16:21 - 2020-01-02 16:21 - 000792064 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA III.ppt
2020-01-02 16:18 - 2020-01-02 16:18 - 000321265 _____ C:\Users\pavel sotorník\Downloads\2019_SOCIÁLNÍ POLITIKA II.ppsx
2020-01-02 16:14 - 2020-01-02 16:15 - 000923136 _____ C:\Users\pavel sotorník\Downloads\2019_SOCIÁLNÍ POLITIKA I.ppt
2019-12-21 15:12 - 2019-12-21 15:12 - 005259840 _____ (Seznam.cz) C:\Users\pavel sotorník\Downloads\Seznam.cz-install.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 10:51 - 2016-06-06 22:09 - 000000000 ____D C:\Users\pavel sotorník\AppData\Roaming\Seznam.cz
2020-01-18 10:51 - 2015-08-18 12:04 - 009214186 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2020-01-18 10:50 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 10:50 - 2018-01-26 18:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-18 10:50 - 2016-11-18 11:48 - 000000000 ____D C:\Users\pavel sotorník\AppData\LocalLow\Mozilla
2020-01-18 10:50 - 2016-05-30 21:48 - 000000000 __SHD C:\Users\pavel sotorník\IntelGraphicsProfiles
2020-01-18 10:49 - 2019-08-30 18:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 10:48 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 10:47 - 2019-08-30 17:57 - 000000000 ____D C:\Users\pavel sotorník
2020-01-18 10:38 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-18 09:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-18 09:51 - 2019-08-30 17:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-17 21:55 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-17 19:06 - 2019-08-30 17:49 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-17 19:05 - 2016-05-31 06:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 09:41 - 2016-07-08 16:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 09:37 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 09:37 - 2016-07-08 16:40 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 08:34 - 2019-08-30 18:23 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-15 13:15 - 2019-08-30 18:23 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-252145539-1094254164-2140920995-1005
2020-01-15 13:14 - 2019-08-30 17:57 - 000002388 _____ C:\Users\pavel sotorník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-15 13:14 - 2016-05-30 21:51 - 000000000 ___RD C:\Users\pavel sotorník\OneDrive
2020-01-14 09:20 - 2019-08-30 18:23 - 000004672 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-14 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-10 19:25 - 2016-05-31 06:42 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-08 08:00 - 2017-07-05 14:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 08:00 - 2017-07-05 14:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-27 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-19 18:28 - 2017-04-27 20:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2016-11-17 14:24 - 2005-08-25 16:11 - 000005306 _____ () C:\Program Files (x86)\Graphics.fix
2016-11-17 14:29 - 2014-10-13 16:02 - 000001718 _____ () C:\Program Files (x86)\Installation.txt
2016-11-17 14:24 - 2005-08-19 13:02 - 000098304 _____ () C:\Program Files (x86)\m4d.dll
2016-11-17 14:24 - 2005-10-21 16:24 - 025360371 _____ () C:\Program Files (x86)\Main.common.ovl
2016-11-17 14:24 - 2005-10-21 16:24 - 000000004 _____ () C:\Program Files (x86)\Main.common.ovl.CHK
2016-11-17 14:24 - 2005-10-21 16:24 - 000840398 _____ () C:\Program Files (x86)\Main.unique.ovl
2016-11-17 14:24 - 2005-10-21 16:24 - 000000004 _____ () C:\Program Files (x86)\Main.unique.ovl.CHK
2016-11-17 14:24 - 2005-07-26 09:32 - 000348160 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2016-11-17 14:24 - 2005-09-21 14:49 - 000006081 _____ () C:\Program Files (x86)\nullbmp.common.ovl
2016-11-17 14:24 - 2005-09-21 14:49 - 000000409 _____ () C:\Program Files (x86)\nullbmp.unique.ovl
2016-11-17 14:24 - 2016-11-17 14:27 - 000000031 _____ () C:\Program Files (x86)\Options.txt
2016-11-17 14:24 - 2005-10-07 19:54 - 000270071 _____ () C:\Program Files (x86)\rct3.dgf
2016-11-17 14:27 - 2014-10-13 16:07 - 015884288 _____ (Frontier Developments Ltd) C:\Program Files (x86)\RCT3plus.exe
2016-11-17 14:27 - 2014-10-13 16:07 - 000903641 _____ () C:\Program Files (x86)\RCT3S_MANUAL_USA.pdf
2016-11-17 14:27 - 2014-10-13 16:07 - 002904989 _____ () C:\Program Files (x86)\RCT3W_MANUAL_USA.pdf
2016-11-17 14:27 - 2014-10-13 16:07 - 001458696 _____ () C:\Program Files (x86)\RCT3_MANUAL_USA.pdf
2016-11-17 14:24 - 2005-05-26 12:29 - 000037611 _____ () C:\Program Files (x86)\Soaked_Readme.txt
2016-11-17 14:24 - 2005-09-29 13:07 - 000039039 _____ () C:\Program Files (x86)\Wild_Readme.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by pavel sotorník (18-01-2020 10:59:11)
Running from C:\Users\pavel sotorník\Downloads\frst
Windows 10 Home Version 1903 18362.592 (X64) (2019-08-30 17:24:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-252145539-1094254164-2140920995-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-252145539-1094254164-2140920995-503 - Limited - Disabled)
Guest (S-1-5-21-252145539-1094254164-2140920995-501 - Limited - Disabled)
oem (S-1-5-21-252145539-1094254164-2140920995-1001 - Administrator - Enabled) => C:\Users\oem
pavel sotorník (S-1-5-21-252145539-1094254164-2140920995-1005 - Administrator - Enabled) => C:\Users\pavel sotorník
WDAGUtilityAccount (S-1-5-21-252145539-1094254164-2140920995-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Fakturačka (HKLM-x32\...\{4969E56D-7831-4941-B820-B6B6BAC2EAC1}_is1) (Version: 1401310 - Ondřej Cenek)
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
FUEL (HKLM-x32\...\{F51FF206-2273-4B3E-A90A-4752AE288C12}) (Version: 1.00.0000 - Codemasters)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Seznam prohlížeč (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Seznam Browser) (Version: 6.0.1 - Seznam.cz a.s.)
Seznam Software (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\SeznamInstall) (Version: - Seznam.cz)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-23] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-11-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0 [2020-01-13] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2019-01-04 09:09 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C29C78B8-C1E1-4018-BD2C-1EF8403BD170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D756DBB2-4F29-48CB-B9CA-AB9D04A971F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{50893264-F6DF-4C66-BA03-1D9247C03C95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A49D568C-0A9A-44EC-924A-E99F081AF8F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [UDP Query User{1F3CA748-BCF2-425F-A72E-2DC00E778028}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{855C2C10-6B38-457B-BAE4-D0B98F110AA1}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{2BD47654-4564-4AF7-8B76-EAD66F03356A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9E304421-CD5B-4E62-9842-2279E6E35C69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9F490B6D-49F5-42FD-962C-490ACEE3E3A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BE686E8C-B874-4D09-A6E8-627E30580113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{707AAC0A-5901-4B14-95EF-414446A5DEA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{5241F83F-3550-4D2E-9C21-F16731F170E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{C841A3D1-3620-447A-8026-348CB270063A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{5851C6C7-7785-46AC-922C-2EC3E49ED995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{EF3218C3-339C-46B1-8FA4-4FFFEC8BE4A9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFAF175E-8F4E-4DD1-BF0D-7DAECC5849DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D3DC9A0C-EE7C-44A2-A1A0-6D6167E8C615}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E46DF843-FEC5-4AC5-A7F0-9317BC22C0B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9538E25-1775-42C0-A462-09F79F1576EE}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe (Asobo Studio -> Codemasters)
FirewallRules: [{05BC8F67-D61C-4A27-92DF-0819B5265EA4}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe (Asobo Studio -> Codemasters)
FirewallRules: [{40A7B62A-565D-4EE7-82CA-D1D26698E7AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D94498C-7683-4174-AD82-85C78D30AF20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C1AA2FC0-6D6A-4097-9EB0-783767233B07}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{421A78E5-23FC-4779-9447-C54B7A75D97F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{2D245157-0AF5-4F0D-BF91-9C0740E0DFD5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E5ED0378-6C39-4CCE-B76E-FCEAC8C7DD17}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B09922A3-7F98-4AC5-BD69-3732487493F5}C:\users\oem\gsplay\csko\hl.exe] => (Block) C:\users\oem\gsplay\csko\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{02DAACCF-CFDF-4E31-8BC8-E78DFF74EF19}C:\users\oem\gsplay\csko\hl.exe] => (Block) C:\users\oem\gsplay\csko\hl.exe (Valve) [File not signed]
FirewallRules: [{9118659C-D973-49F0-91C9-151F6AAEFC04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [{D0FD95DB-2D71-4223-A585-3AF2A9E51446}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [{D1C6B0D0-17AA-4C0B-85B6-59409E4BFEF0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0D41DF6C-9EAA-43FE-B469-0964D0BBD6C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF4590C1-D86F-4AD7-A4CD-7CF029C39CBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8905F06-C833-4857-A814-3B654187A244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5D3D8BE-81C7-44FF-8157-A32CB6C8FCFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC78FD39-712D-4294-BC52-DB0C2B1639A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1C42190-3937-4653-98A1-553CCF2E02CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97ABC57A-0370-4A79-9530-EEED303AEB5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE36A2D-FD2C-4EC3-8B32-0C2DD335FAF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
27-12-2019 11:55:31 Naplánovaný kontrolní bod
04-01-2020 18:09:47 Naplánovaný kontrolní bod
14-01-2020 11:57:46 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/18/2020 10:58:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4336,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 10:38:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8916,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 10:28:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9844,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 10:14:06 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7416,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 10:03:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4340,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 12:29:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9748,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/17/2020 10:54:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3328,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/17/2020 10:46:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5788,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/18/2020 10:49:22 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 10:49:22 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 10:49:22 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 09:53:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/18/2020 09:53:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (01/18/2020 09:51:28 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 09:51:28 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 09:51:28 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Windows Defender:
===================================
Date: 2019-11-04 23:41:16.590
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:JS/Vdehu.A
ID: 2147731176
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\Windows\Temp\_avast_\nsfsp000068F1.tmp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1400.0, AS: 1.305.1400.0, NIS: 1.305.1400.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-10-20 10:25:06.362
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1C417509-686F-43E7-9F2F-3B4D4EA53C21}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-10-20 09:51:08.680
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F734CAF5-F956-4E6D-B121-A7A2634AFA42}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-12 11:40:40.599
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1910.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-11-07 09:37:02.755
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1462.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2020-01-18 10:51:56.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:56.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:41.812
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:41.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:39.529
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:39.528
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:39.041
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:51:38.983
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.9 03/30/2015
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 72%
Total physical RAM: 3974.03 MB
Available physical RAM: 1104.04 MB
Total Virtual: 4678.03 MB
Available Virtual: 1603.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.82 GB) (Free:339.88 GB) NTFS
\\?\Volume{eb4de398-1cad-4f1e-a2dd-325197254d24}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{5807bdda-2f71-4857-b88a-e189cdfbd814}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakuje hláška s 16774libfoxloader-x64.dll
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-15.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-18-2020
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\oem\AppData\Roaming\Seznam.cz
Deleted C:\Users\pavel sotorník\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2509 octets] - [18/01/2020 11:37:17]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-15.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-18-2020
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\oem\AppData\Roaming\Seznam.cz
Deleted C:\Users\pavel sotorník\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2509 octets] - [18/01/2020 11:37:17]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by pavel sotorník (administrator) on DESKTOP-SF9EVOO (MSI MS-7817) (18-01-2020 15:43:20)
Running from C:\Users\pavel sotorník\Downloads\frst
Loaded Profiles: pavel sotorník (Available Profiles: oem & pavel sotorník)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\pavel sotorník\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-12-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Run: [sznAgent] => C:\Users\pavel sotorník\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {18299CD0-BCFE-45DC-BFA6-620E7649856F} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {25207FFF-F7AB-45BA-82B5-96E0DBE94B53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {258566F8-C417-4426-9AF3-B976DD97EF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {4BEAB9F3-0277-4232-BB48-AE943160ECF1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {8727F0C4-AB16-4D77-85E6-267C745A6672} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {8A207182-770F-40FE-97A0-B7AD3F65E66B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9B53B7E8-09B8-4636-8F8F-DF2C3E5AEA28} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {A8F15F0D-9ABE-46F0-B02C-766EF3C686A8} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-252145539-1094254164-2140920995-1001 => C:\Users\oem\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-11-17] (Mega Limited -> Mega Limited)
Task: {C2688F56-D47E-440D-9011-BF9952C733BA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {E981CCC8-8D6A-4756-9B64-991BF3D40394} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EA780AF9-BB7B-4C00-AD3C-8E2362EF3A29} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {F1FF9FF1-472D-474E-89AF-B2B6FA086BF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{43205905-b91e-4fef-8a13-f130554ef9b2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {040EF25D-B79E-487D-B5AF-725148F542C8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {0B7781B4-6F2E-44C2-9ED0-F8BDC38E8866} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {1D6B758D-05B1-43F7-A774-9E96466430BB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {2B72F5E2-3B40-473D-8DA7-A93A4F4D0BE5} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {35F047D7-02D9-4382-8508-D49D340405F1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {7B37B409-0223-406C-ADE8-B7FD54739907} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {84CD6C97-DCDA-4CCF-BF22-EA22972F6D20} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {9631A524-789A-43C0-B09F-B1E54A72D5D9} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {F1B36143-2D8E-4A4B-81C1-42E70150D6D3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: 493epr7n.default
FF ProfilePath: C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default [2020-01-18]
FF Notifications: Mozilla\Firefox\Profiles\493epr7n.default -> hxxps://www.facebook.com; hxxps://openload.co
FF NewTabOverride: Mozilla\Firefox\Profiles\493epr7n.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-28]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-02]
FF Extension: (No Name) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (Seznam lištička) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2020-01-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252145539-1094254164-2140920995-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pavel sotorník\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies SF -> Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Profile: C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (Dokumenty) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-11]
CHR Extension: (Disk Google) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-06]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-16]
CHR Extension: (YouTube) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-12]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-01-18]
CHR Extension: (Gmail) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-06]
CHR Extension: (Chrome Media Router) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-27] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 11:36 - 2020-01-18 11:38 - 000000000 ____D C:\AdwCleaner
2020-01-18 11:34 - 2020-01-18 11:34 - 000000000 ____D C:\Users\pavel sotorník\Downloads\adwcleaner
2020-01-18 10:33 - 2020-01-18 15:44 - 000000000 ____D C:\FRST
2020-01-18 10:32 - 2020-01-18 15:43 - 000000000 ____D C:\Users\pavel sotorník\Downloads\frst
2020-01-18 10:23 - 2020-01-18 10:23 - 000000000 ____D C:\Users\pavel sotorník\AppData\Local\D3DSCache
2020-01-16 09:31 - 2020-01-16 09:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 09:30 - 2020-01-16 09:31 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 09:11 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 09:11 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 14:28 - 2020-01-14 14:28 - 001635937 _____ C:\Users\pavel sotorník\Desktop\Ubytovací poplatek-obecní vyhláška.pdf
2020-01-11 09:50 - 2020-01-11 09:51 - 000426483 _____ C:\Users\pavel sotorník\Downloads\zrušení_prac.poměru__Pánková08012020.pdf
2020-01-09 09:41 - 2020-01-17 19:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-02 16:25 - 2020-01-02 16:25 - 000700416 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA V.ppt
2020-01-02 16:24 - 2020-01-02 16:24 - 000267955 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA IV.ppsx
2020-01-02 16:21 - 2020-01-02 16:21 - 000792064 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA III.ppt
2020-01-02 16:18 - 2020-01-02 16:18 - 000321265 _____ C:\Users\pavel sotorník\Downloads\2019_SOCIÁLNÍ POLITIKA II.ppsx
2020-01-02 16:14 - 2020-01-02 16:15 - 000923136 _____ C:\Users\pavel sotorník\Downloads\2019_SOCIÁLNÍ POLITIKA I.ppt
2019-12-21 15:12 - 2019-12-21 15:12 - 005259840 _____ (Seznam.cz) C:\Users\pavel sotorník\Downloads\Seznam.cz-install.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 15:39 - 2019-08-30 17:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-18 15:39 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 13:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-18 13:11 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 11:43 - 2016-11-18 11:48 - 000000000 ____D C:\Users\pavel sotorník\AppData\LocalLow\Mozilla
2020-01-18 11:40 - 2018-01-26 18:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-18 11:40 - 2016-05-30 21:48 - 000000000 __SHD C:\Users\pavel sotorník\IntelGraphicsProfiles
2020-01-18 11:40 - 2015-08-18 12:04 - 009246601 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2020-01-18 11:39 - 2019-08-30 18:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 11:38 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 10:47 - 2019-08-30 17:57 - 000000000 ____D C:\Users\pavel sotorník
2020-01-18 10:38 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-17 19:06 - 2019-08-30 17:49 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-17 19:05 - 2016-05-31 06:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 09:41 - 2016-07-08 16:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 09:37 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 09:37 - 2016-07-08 16:40 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 08:34 - 2019-08-30 18:23 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-15 13:15 - 2019-08-30 18:23 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-252145539-1094254164-2140920995-1005
2020-01-15 13:14 - 2019-08-30 17:57 - 000002388 _____ C:\Users\pavel sotorník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-15 13:14 - 2016-05-30 21:51 - 000000000 ___RD C:\Users\pavel sotorník\OneDrive
2020-01-14 09:20 - 2019-08-30 18:23 - 000004672 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-14 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-10 19:25 - 2016-05-31 06:42 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-08 08:00 - 2017-07-05 14:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 08:00 - 2017-07-05 14:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-27 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-19 18:28 - 2017-04-27 20:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2016-11-17 14:24 - 2005-08-25 16:11 - 000005306 _____ () C:\Program Files (x86)\Graphics.fix
2016-11-17 14:29 - 2014-10-13 16:02 - 000001718 _____ () C:\Program Files (x86)\Installation.txt
2016-11-17 14:24 - 2005-08-19 13:02 - 000098304 _____ () C:\Program Files (x86)\m4d.dll
2016-11-17 14:24 - 2005-10-21 16:24 - 025360371 _____ () C:\Program Files (x86)\Main.common.ovl
2016-11-17 14:24 - 2005-10-21 16:24 - 000000004 _____ () C:\Program Files (x86)\Main.common.ovl.CHK
2016-11-17 14:24 - 2005-10-21 16:24 - 000840398 _____ () C:\Program Files (x86)\Main.unique.ovl
2016-11-17 14:24 - 2005-10-21 16:24 - 000000004 _____ () C:\Program Files (x86)\Main.unique.ovl.CHK
2016-11-17 14:24 - 2005-07-26 09:32 - 000348160 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2016-11-17 14:24 - 2005-09-21 14:49 - 000006081 _____ () C:\Program Files (x86)\nullbmp.common.ovl
2016-11-17 14:24 - 2005-09-21 14:49 - 000000409 _____ () C:\Program Files (x86)\nullbmp.unique.ovl
2016-11-17 14:24 - 2016-11-17 14:27 - 000000031 _____ () C:\Program Files (x86)\Options.txt
2016-11-17 14:24 - 2005-10-07 19:54 - 000270071 _____ () C:\Program Files (x86)\rct3.dgf
2016-11-17 14:27 - 2014-10-13 16:07 - 015884288 _____ (Frontier Developments Ltd) C:\Program Files (x86)\RCT3plus.exe
2016-11-17 14:27 - 2014-10-13 16:07 - 000903641 _____ () C:\Program Files (x86)\RCT3S_MANUAL_USA.pdf
2016-11-17 14:27 - 2014-10-13 16:07 - 002904989 _____ () C:\Program Files (x86)\RCT3W_MANUAL_USA.pdf
2016-11-17 14:27 - 2014-10-13 16:07 - 001458696 _____ () C:\Program Files (x86)\RCT3_MANUAL_USA.pdf
2016-11-17 14:24 - 2005-05-26 12:29 - 000037611 _____ () C:\Program Files (x86)\Soaked_Readme.txt
2016-11-17 14:24 - 2005-09-29 13:07 - 000039039 _____ () C:\Program Files (x86)\Wild_Readme.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by pavel sotorník (18-01-2020 15:45:59)
Running from C:\Users\pavel sotorník\Downloads\frst
Windows 10 Home Version 1903 18362.592 (X64) (2019-08-30 17:24:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-252145539-1094254164-2140920995-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-252145539-1094254164-2140920995-503 - Limited - Disabled)
Guest (S-1-5-21-252145539-1094254164-2140920995-501 - Limited - Disabled)
oem (S-1-5-21-252145539-1094254164-2140920995-1001 - Administrator - Enabled) => C:\Users\oem
pavel sotorník (S-1-5-21-252145539-1094254164-2140920995-1005 - Administrator - Enabled) => C:\Users\pavel sotorník
WDAGUtilityAccount (S-1-5-21-252145539-1094254164-2140920995-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Fakturačka (HKLM-x32\...\{4969E56D-7831-4941-B820-B6B6BAC2EAC1}_is1) (Version: 1401310 - Ondřej Cenek)
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
FUEL (HKLM-x32\...\{F51FF206-2273-4B3E-A90A-4752AE288C12}) (Version: 1.00.0000 - Codemasters)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Seznam prohlížeč (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Seznam Browser) (Version: 6.0.1 - Seznam.cz a.s.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-23] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-11-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0 [2020-01-13] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2019-01-04 09:09 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C29C78B8-C1E1-4018-BD2C-1EF8403BD170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D756DBB2-4F29-48CB-B9CA-AB9D04A971F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{50893264-F6DF-4C66-BA03-1D9247C03C95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A49D568C-0A9A-44EC-924A-E99F081AF8F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [UDP Query User{1F3CA748-BCF2-425F-A72E-2DC00E778028}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{855C2C10-6B38-457B-BAE4-D0B98F110AA1}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{2BD47654-4564-4AF7-8B76-EAD66F03356A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9E304421-CD5B-4E62-9842-2279E6E35C69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9F490B6D-49F5-42FD-962C-490ACEE3E3A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BE686E8C-B874-4D09-A6E8-627E30580113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{707AAC0A-5901-4B14-95EF-414446A5DEA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{5241F83F-3550-4D2E-9C21-F16731F170E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{C841A3D1-3620-447A-8026-348CB270063A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{5851C6C7-7785-46AC-922C-2EC3E49ED995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{EF3218C3-339C-46B1-8FA4-4FFFEC8BE4A9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFAF175E-8F4E-4DD1-BF0D-7DAECC5849DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D3DC9A0C-EE7C-44A2-A1A0-6D6167E8C615}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E46DF843-FEC5-4AC5-A7F0-9317BC22C0B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9538E25-1775-42C0-A462-09F79F1576EE}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe (Asobo Studio -> Codemasters)
FirewallRules: [{05BC8F67-D61C-4A27-92DF-0819B5265EA4}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe (Asobo Studio -> Codemasters)
FirewallRules: [{40A7B62A-565D-4EE7-82CA-D1D26698E7AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D94498C-7683-4174-AD82-85C78D30AF20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C1AA2FC0-6D6A-4097-9EB0-783767233B07}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{421A78E5-23FC-4779-9447-C54B7A75D97F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{2D245157-0AF5-4F0D-BF91-9C0740E0DFD5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E5ED0378-6C39-4CCE-B76E-FCEAC8C7DD17}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B09922A3-7F98-4AC5-BD69-3732487493F5}C:\users\oem\gsplay\csko\hl.exe] => (Block) C:\users\oem\gsplay\csko\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{02DAACCF-CFDF-4E31-8BC8-E78DFF74EF19}C:\users\oem\gsplay\csko\hl.exe] => (Block) C:\users\oem\gsplay\csko\hl.exe (Valve) [File not signed]
FirewallRules: [{9118659C-D973-49F0-91C9-151F6AAEFC04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [{D0FD95DB-2D71-4223-A585-3AF2A9E51446}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [{D1C6B0D0-17AA-4C0B-85B6-59409E4BFEF0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0D41DF6C-9EAA-43FE-B469-0964D0BBD6C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF4590C1-D86F-4AD7-A4CD-7CF029C39CBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8905F06-C833-4857-A814-3B654187A244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5D3D8BE-81C7-44FF-8157-A32CB6C8FCFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC78FD39-712D-4294-BC52-DB0C2B1639A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1C42190-3937-4653-98A1-553CCF2E02CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97ABC57A-0370-4A79-9530-EEED303AEB5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE36A2D-FD2C-4EC3-8B32-0C2DD335FAF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
27-12-2019 11:55:31 Naplánovaný kontrolní bod
04-01-2020 18:09:47 Naplánovaný kontrolní bod
14-01-2020 11:57:46 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/18/2020 03:46:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 01:17:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2092,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 12:15:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 12:07:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8988,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 11:49:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4156,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 11:24:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 11:08:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10204,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 10:58:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4336,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/18/2020 11:39:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 11:39:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 11:39:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 11:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3221225507 milisekund: Restartovat službu.
Error: (01/18/2020 11:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba tbaseprovisioning byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/18/2020 11:38:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (01/18/2020 11:38:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/18/2020 11:38:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2019-11-04 23:41:16.590
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:JS/Vdehu.A
ID: 2147731176
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\Windows\Temp\_avast_\nsfsp000068F1.tmp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1400.0, AS: 1.305.1400.0, NIS: 1.305.1400.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-10-20 10:25:06.362
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1C417509-686F-43E7-9F2F-3B4D4EA53C21}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-10-20 09:51:08.680
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F734CAF5-F956-4E6D-B121-A7A2634AFA42}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-12 11:40:40.599
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1910.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-11-07 09:37:02.755
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1462.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2020-01-18 13:10:21.855
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 13:10:21.843
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 13:10:21.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 11:40:57.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.678
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.650
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.634
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.9 03/30/2015
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 83%
Total physical RAM: 3974.03 MB
Available physical RAM: 656.93 MB
Total Virtual: 4678.03 MB
Available Virtual: 806.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.82 GB) (Free:339.45 GB) NTFS
\\?\Volume{eb4de398-1cad-4f1e-a2dd-325197254d24}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{5807bdda-2f71-4857-b88a-e189cdfbd814}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by pavel sotorník (administrator) on DESKTOP-SF9EVOO (MSI MS-7817) (18-01-2020 15:43:20)
Running from C:\Users\pavel sotorník\Downloads\frst
Loaded Profiles: pavel sotorník (Available Profiles: oem & pavel sotorník)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\pavel sotorník\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-12-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Run: [sznAgent] => C:\Users\pavel sotorník\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {18299CD0-BCFE-45DC-BFA6-620E7649856F} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {25207FFF-F7AB-45BA-82B5-96E0DBE94B53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {258566F8-C417-4426-9AF3-B976DD97EF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {4BEAB9F3-0277-4232-BB48-AE943160ECF1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {8727F0C4-AB16-4D77-85E6-267C745A6672} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {8A207182-770F-40FE-97A0-B7AD3F65E66B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9B53B7E8-09B8-4636-8F8F-DF2C3E5AEA28} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {A8F15F0D-9ABE-46F0-B02C-766EF3C686A8} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-252145539-1094254164-2140920995-1001 => C:\Users\oem\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-11-17] (Mega Limited -> Mega Limited)
Task: {C2688F56-D47E-440D-9011-BF9952C733BA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {E981CCC8-8D6A-4756-9B64-991BF3D40394} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EA780AF9-BB7B-4C00-AD3C-8E2362EF3A29} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {F1FF9FF1-472D-474E-89AF-B2B6FA086BF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{43205905-b91e-4fef-8a13-f130554ef9b2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {040EF25D-B79E-487D-B5AF-725148F542C8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {0B7781B4-6F2E-44C2-9ED0-F8BDC38E8866} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {1D6B758D-05B1-43F7-A774-9E96466430BB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {2B72F5E2-3B40-473D-8DA7-A93A4F4D0BE5} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {35F047D7-02D9-4382-8508-D49D340405F1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {7B37B409-0223-406C-ADE8-B7FD54739907} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {84CD6C97-DCDA-4CCF-BF22-EA22972F6D20} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {9631A524-789A-43C0-B09F-B1E54A72D5D9} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> {F1B36143-2D8E-4A4B-81C1-42E70150D6D3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-252145539-1094254164-2140920995-1005 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: 493epr7n.default
FF ProfilePath: C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default [2020-01-18]
FF Notifications: Mozilla\Firefox\Profiles\493epr7n.default -> hxxps://www.facebook.com; hxxps://openload.co
FF NewTabOverride: Mozilla\Firefox\Profiles\493epr7n.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-28]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-02]
FF Extension: (No Name) - C:\Users\pavel sotorník\AppData\Roaming\Mozilla\Firefox\Profiles\493epr7n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (Seznam lištička) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2020-01-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252145539-1094254164-2140920995-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pavel sotorník\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies SF -> Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Profile: C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (Dokumenty) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-11]
CHR Extension: (Disk Google) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-06]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-16]
CHR Extension: (YouTube) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-12]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-01-18]
CHR Extension: (Gmail) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-06]
CHR Extension: (Chrome Media Router) - C:\Users\pavel sotorník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-27] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 11:36 - 2020-01-18 11:38 - 000000000 ____D C:\AdwCleaner
2020-01-18 11:34 - 2020-01-18 11:34 - 000000000 ____D C:\Users\pavel sotorník\Downloads\adwcleaner
2020-01-18 10:33 - 2020-01-18 15:44 - 000000000 ____D C:\FRST
2020-01-18 10:32 - 2020-01-18 15:43 - 000000000 ____D C:\Users\pavel sotorník\Downloads\frst
2020-01-18 10:23 - 2020-01-18 10:23 - 000000000 ____D C:\Users\pavel sotorník\AppData\Local\D3DSCache
2020-01-16 09:31 - 2020-01-16 09:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 09:31 - 2020-01-16 09:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 09:30 - 2020-01-16 09:31 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 09:30 - 2020-01-16 09:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-16 09:30 - 2020-01-16 09:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 09:30 - 2020-01-16 09:30 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 09:11 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 09:11 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 14:28 - 2020-01-14 14:28 - 001635937 _____ C:\Users\pavel sotorník\Desktop\Ubytovací poplatek-obecní vyhláška.pdf
2020-01-11 09:50 - 2020-01-11 09:51 - 000426483 _____ C:\Users\pavel sotorník\Downloads\zrušení_prac.poměru__Pánková08012020.pdf
2020-01-09 09:41 - 2020-01-17 19:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-02 16:25 - 2020-01-02 16:25 - 000700416 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA V.ppt
2020-01-02 16:24 - 2020-01-02 16:24 - 000267955 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA IV.ppsx
2020-01-02 16:21 - 2020-01-02 16:21 - 000792064 _____ C:\Users\pavel sotorník\Downloads\SOCIÁLNÍ POLITIKA III.ppt
2020-01-02 16:18 - 2020-01-02 16:18 - 000321265 _____ C:\Users\pavel sotorník\Downloads\2019_SOCIÁLNÍ POLITIKA II.ppsx
2020-01-02 16:14 - 2020-01-02 16:15 - 000923136 _____ C:\Users\pavel sotorník\Downloads\2019_SOCIÁLNÍ POLITIKA I.ppt
2019-12-21 15:12 - 2019-12-21 15:12 - 005259840 _____ (Seznam.cz) C:\Users\pavel sotorník\Downloads\Seznam.cz-install.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 15:39 - 2019-08-30 17:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-18 15:39 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 13:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-18 13:11 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 11:43 - 2016-11-18 11:48 - 000000000 ____D C:\Users\pavel sotorník\AppData\LocalLow\Mozilla
2020-01-18 11:40 - 2018-01-26 18:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-18 11:40 - 2016-05-30 21:48 - 000000000 __SHD C:\Users\pavel sotorník\IntelGraphicsProfiles
2020-01-18 11:40 - 2015-08-18 12:04 - 009246601 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2020-01-18 11:39 - 2019-08-30 18:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 11:38 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 10:47 - 2019-08-30 17:57 - 000000000 ____D C:\Users\pavel sotorník
2020-01-18 10:38 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-17 19:06 - 2019-08-30 17:49 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-17 19:05 - 2016-05-31 06:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-17 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 09:41 - 2016-07-08 16:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 09:37 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 09:37 - 2016-07-08 16:40 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 08:34 - 2019-08-30 18:23 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-15 13:15 - 2019-08-30 18:23 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-252145539-1094254164-2140920995-1005
2020-01-15 13:14 - 2019-08-30 17:57 - 000002388 _____ C:\Users\pavel sotorník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-15 13:14 - 2016-05-30 21:51 - 000000000 ___RD C:\Users\pavel sotorník\OneDrive
2020-01-14 09:20 - 2019-08-30 18:23 - 000004672 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-14 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-10 19:25 - 2016-05-31 06:42 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-08 08:00 - 2017-07-05 14:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 08:00 - 2017-07-05 14:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-27 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-19 18:28 - 2017-04-27 20:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2016-11-17 14:24 - 2005-08-25 16:11 - 000005306 _____ () C:\Program Files (x86)\Graphics.fix
2016-11-17 14:29 - 2014-10-13 16:02 - 000001718 _____ () C:\Program Files (x86)\Installation.txt
2016-11-17 14:24 - 2005-08-19 13:02 - 000098304 _____ () C:\Program Files (x86)\m4d.dll
2016-11-17 14:24 - 2005-10-21 16:24 - 025360371 _____ () C:\Program Files (x86)\Main.common.ovl
2016-11-17 14:24 - 2005-10-21 16:24 - 000000004 _____ () C:\Program Files (x86)\Main.common.ovl.CHK
2016-11-17 14:24 - 2005-10-21 16:24 - 000840398 _____ () C:\Program Files (x86)\Main.unique.ovl
2016-11-17 14:24 - 2005-10-21 16:24 - 000000004 _____ () C:\Program Files (x86)\Main.unique.ovl.CHK
2016-11-17 14:24 - 2005-07-26 09:32 - 000348160 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2016-11-17 14:24 - 2005-09-21 14:49 - 000006081 _____ () C:\Program Files (x86)\nullbmp.common.ovl
2016-11-17 14:24 - 2005-09-21 14:49 - 000000409 _____ () C:\Program Files (x86)\nullbmp.unique.ovl
2016-11-17 14:24 - 2016-11-17 14:27 - 000000031 _____ () C:\Program Files (x86)\Options.txt
2016-11-17 14:24 - 2005-10-07 19:54 - 000270071 _____ () C:\Program Files (x86)\rct3.dgf
2016-11-17 14:27 - 2014-10-13 16:07 - 015884288 _____ (Frontier Developments Ltd) C:\Program Files (x86)\RCT3plus.exe
2016-11-17 14:27 - 2014-10-13 16:07 - 000903641 _____ () C:\Program Files (x86)\RCT3S_MANUAL_USA.pdf
2016-11-17 14:27 - 2014-10-13 16:07 - 002904989 _____ () C:\Program Files (x86)\RCT3W_MANUAL_USA.pdf
2016-11-17 14:27 - 2014-10-13 16:07 - 001458696 _____ () C:\Program Files (x86)\RCT3_MANUAL_USA.pdf
2016-11-17 14:24 - 2005-05-26 12:29 - 000037611 _____ () C:\Program Files (x86)\Soaked_Readme.txt
2016-11-17 14:24 - 2005-09-29 13:07 - 000039039 _____ () C:\Program Files (x86)\Wild_Readme.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by pavel sotorník (18-01-2020 15:45:59)
Running from C:\Users\pavel sotorník\Downloads\frst
Windows 10 Home Version 1903 18362.592 (X64) (2019-08-30 17:24:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-252145539-1094254164-2140920995-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-252145539-1094254164-2140920995-503 - Limited - Disabled)
Guest (S-1-5-21-252145539-1094254164-2140920995-501 - Limited - Disabled)
oem (S-1-5-21-252145539-1094254164-2140920995-1001 - Administrator - Enabled) => C:\Users\oem
pavel sotorník (S-1-5-21-252145539-1094254164-2140920995-1005 - Administrator - Enabled) => C:\Users\pavel sotorník
WDAGUtilityAccount (S-1-5-21-252145539-1094254164-2140920995-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Fakturačka (HKLM-x32\...\{4969E56D-7831-4941-B820-B6B6BAC2EAC1}_is1) (Version: 1401310 - Ondřej Cenek)
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
FUEL (HKLM-x32\...\{F51FF206-2273-4B3E-A90A-4752AE288C12}) (Version: 1.00.0000 - Codemasters)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Seznam prohlížeč (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\Seznam Browser) (Version: 6.0.1 - Seznam.cz a.s.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-252145539-1094254164-2140920995-1005\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-23] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-11-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0 [2020-01-13] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\oem\AppData\Local\MEGAsync\ShellExtX64.dll [2019-11-17] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2019-01-04 09:09 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-252145539-1094254164-2140920995-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C29C78B8-C1E1-4018-BD2C-1EF8403BD170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D756DBB2-4F29-48CB-B9CA-AB9D04A971F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{50893264-F6DF-4C66-BA03-1D9247C03C95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A49D568C-0A9A-44EC-924A-E99F081AF8F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [UDP Query User{1F3CA748-BCF2-425F-A72E-2DC00E778028}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{855C2C10-6B38-457B-BAE4-D0B98F110AA1}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{2BD47654-4564-4AF7-8B76-EAD66F03356A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9E304421-CD5B-4E62-9842-2279E6E35C69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9F490B6D-49F5-42FD-962C-490ACEE3E3A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BE686E8C-B874-4D09-A6E8-627E30580113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{707AAC0A-5901-4B14-95EF-414446A5DEA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{5241F83F-3550-4D2E-9C21-F16731F170E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{C841A3D1-3620-447A-8026-348CB270063A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{5851C6C7-7785-46AC-922C-2EC3E49ED995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{EF3218C3-339C-46B1-8FA4-4FFFEC8BE4A9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFAF175E-8F4E-4DD1-BF0D-7DAECC5849DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D3DC9A0C-EE7C-44A2-A1A0-6D6167E8C615}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E46DF843-FEC5-4AC5-A7F0-9317BC22C0B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9538E25-1775-42C0-A462-09F79F1576EE}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe (Asobo Studio -> Codemasters)
FirewallRules: [{05BC8F67-D61C-4A27-92DF-0819B5265EA4}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe (Asobo Studio -> Codemasters)
FirewallRules: [{40A7B62A-565D-4EE7-82CA-D1D26698E7AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D94498C-7683-4174-AD82-85C78D30AF20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C1AA2FC0-6D6A-4097-9EB0-783767233B07}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{421A78E5-23FC-4779-9447-C54B7A75D97F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{2D245157-0AF5-4F0D-BF91-9C0740E0DFD5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E5ED0378-6C39-4CCE-B76E-FCEAC8C7DD17}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B09922A3-7F98-4AC5-BD69-3732487493F5}C:\users\oem\gsplay\csko\hl.exe] => (Block) C:\users\oem\gsplay\csko\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{02DAACCF-CFDF-4E31-8BC8-E78DFF74EF19}C:\users\oem\gsplay\csko\hl.exe] => (Block) C:\users\oem\gsplay\csko\hl.exe (Valve) [File not signed]
FirewallRules: [{9118659C-D973-49F0-91C9-151F6AAEFC04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [{D0FD95DB-2D71-4223-A585-3AF2A9E51446}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [File not signed]
FirewallRules: [TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [{D1C6B0D0-17AA-4C0B-85B6-59409E4BFEF0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0D41DF6C-9EAA-43FE-B469-0964D0BBD6C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF4590C1-D86F-4AD7-A4CD-7CF029C39CBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8905F06-C833-4857-A814-3B654187A244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5D3D8BE-81C7-44FF-8157-A32CB6C8FCFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC78FD39-712D-4294-BC52-DB0C2B1639A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1C42190-3937-4653-98A1-553CCF2E02CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97ABC57A-0370-4A79-9530-EEED303AEB5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE36A2D-FD2C-4EC3-8B32-0C2DD335FAF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
27-12-2019 11:55:31 Naplánovaný kontrolní bod
04-01-2020 18:09:47 Naplánovaný kontrolní bod
14-01-2020 11:57:46 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/18/2020 03:46:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 01:17:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2092,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 12:15:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 12:07:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8988,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 11:49:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4156,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 11:24:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 11:08:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10204,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/18/2020 10:58:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4336,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/18/2020 11:39:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 11:39:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 11:39:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (01/18/2020 11:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3221225507 milisekund: Restartovat službu.
Error: (01/18/2020 11:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba tbaseprovisioning byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/18/2020 11:38:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (01/18/2020 11:38:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/18/2020 11:38:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2019-11-04 23:41:16.590
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:JS/Vdehu.A
ID: 2147731176
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\Windows\Temp\_avast_\nsfsp000068F1.tmp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1400.0, AS: 1.305.1400.0, NIS: 1.305.1400.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-10-20 10:25:06.362
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1C417509-686F-43E7-9F2F-3B4D4EA53C21}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-10-20 09:51:08.680
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F734CAF5-F956-4E6D-B121-A7A2634AFA42}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-12 11:40:40.599
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1910.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-11-07 09:37:02.755
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1462.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2019-10-16 20:20:20.568
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.125.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2020-01-18 13:10:21.855
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 13:10:21.843
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 13:10:21.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 11:40:57.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.678
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.650
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 11:40:57.634
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.9 03/30/2015
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 83%
Total physical RAM: 3974.03 MB
Available physical RAM: 656.93 MB
Total Virtual: 4678.03 MB
Available Virtual: 806.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.82 GB) (Free:339.45 GB) NTFS
\\?\Volume{eb4de398-1cad-4f1e-a2dd-325197254d24}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{5807bdda-2f71-4857-b88a-e189cdfbd814}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\pavel sotorník\Downloads\frst jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {25207FFF-F7AB-45BA-82B5-96E0DBE94B53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {258566F8-C417-4426-9AF3-B976DD97EF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {8727F0C4-AB16-4D77-85E6-267C745A6672} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {8A207182-770F-40FE-97A0-B7AD3F65E66B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\Windows\AutoKMS
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
C:\Windows\Temp\_avast_\nsfsp000068F1.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by pavel sotorník (18-01-2020 16:16:31) Run:1
Running from C:\Users\pavel sotorník\Downloads\frst
Loaded Profiles: pavel sotorník (Available Profiles: oem & pavel sotorník)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {25207FFF-F7AB-45BA-82B5-96E0DBE94B53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {258566F8-C417-4426-9AF3-B976DD97EF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {8727F0C4-AB16-4D77-85E6-267C745A6672} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {8A207182-770F-40FE-97A0-B7AD3F65E66B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\Windows\AutoKMS
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
C:\Windows\Temp\_avast_\nsfsp000068F1.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => moved successfully
"C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25207FFF-F7AB-45BA-82B5-96E0DBE94B53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25207FFF-F7AB-45BA-82B5-96E0DBE94B53}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{258566F8-C417-4426-9AF3-B976DD97EF7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{258566F8-C417-4426-9AF3-B976DD97EF7A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8727F0C4-AB16-4D77-85E6-267C745A6672}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8727F0C4-AB16-4D77-85E6-267C745A6672}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A207182-770F-40FE-97A0-B7AD3F65E66B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A207182-770F-40FE-97A0-B7AD3F65E66B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Windows\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe" => removed successfully
"C:\Windows\Temp\_avast_\nsfsp000068F1.tmp" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 170978869 B
Java, Flash, Steam htmlcache => 10876765 B
Windows/system/drivers => 16744 B
Edge => 367879228 B
Chrome => 472994334 B
Firefox => 349904748 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7120 B
Users => 7120 B
ProgramData => 7120 B
Public => 7120 B
systemprofile => 7120 B
systemprofile32 => 7120 B
LocalService => 77720 B
NetworkService => 160692 B
oem => 88207195 B
pavel sotorník => 164783779 B
RecycleBin => 1169442004 B
EmptyTemp: => 2.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:20:16 ====
Ran by pavel sotorník (18-01-2020 16:16:31) Run:1
Running from C:\Users\pavel sotorník\Downloads\frst
Loaded Profiles: pavel sotorník (Available Profiles: oem & pavel sotorník)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {25207FFF-F7AB-45BA-82B5-96E0DBE94B53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {258566F8-C417-4426-9AF3-B976DD97EF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-05] (Google Inc -> Google Inc.)
Task: {8727F0C4-AB16-4D77-85E6-267C745A6672} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {8A207182-770F-40FE-97A0-B7AD3F65E66B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\Windows\AutoKMS
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-05-15] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
FirewallRules: [UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe No File
C:\Windows\Temp\_avast_\nsfsp000068F1.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => moved successfully
"C:\Users\pavel sotorník\AppData\Local\MEGAsync\MEGAsync.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25207FFF-F7AB-45BA-82B5-96E0DBE94B53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25207FFF-F7AB-45BA-82B5-96E0DBE94B53}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{258566F8-C417-4426-9AF3-B976DD97EF7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{258566F8-C417-4426-9AF3-B976DD97EF7A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8727F0C4-AB16-4D77-85E6-267C745A6672}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8727F0C4-AB16-4D77-85E6-267C745A6672}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A207182-770F-40FE-97A0-B7AD3F65E66B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A207182-770F-40FE-97A0-B7AD3F65E66B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Windows\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96DFDF74-140E-4A7B-8E26-BBFFE4C08A04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A1E5308-12F3-491E-9E89-AF3FE301CBB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3735562E-719C-4BBD-8480-42C0A2C2F98A}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A5E8A6FA-3804-424A-8029-E96E79F5E322}C:\users\pavel sotorník\appdata\roaming\seznam browser\seznam.cz.exe" => removed successfully
"C:\Windows\Temp\_avast_\nsfsp000068F1.tmp" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 170978869 B
Java, Flash, Steam htmlcache => 10876765 B
Windows/system/drivers => 16744 B
Edge => 367879228 B
Chrome => 472994334 B
Firefox => 349904748 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7120 B
Users => 7120 B
ProgramData => 7120 B
Public => 7120 B
systemprofile => 7120 B
systemprofile32 => 7120 B
LocalService => 77720 B
NetworkService => 160692 B
oem => 88207195 B
pavel sotorník => 164783779 B
RecycleBin => 1169442004 B
EmptyTemp: => 2.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:20:16 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Už je to v pořádku. Děkuji za pomoc
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakuje hláška s 16774libfoxloader-x64.dll
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?