Nezobrazující se nabidka start, zamrzání počítače
Napsal: 18 říj 2020 19:08
Ahoj,
mám problém se stolním počítačem, má win 8.1 a při klepnutí na windows (start) dlaždici se nezobrazí nabídka, pouze prázdná obrazovka, s jménem, vyhledáváním atd. Dále pak nelze nic přidat na lištu rychlého spuštění, explorer zamrzne. Prosím o kontrolu logu, děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2020
Ran by JohnRambo (administrator) on MARAST (Gigabyte Technology Co., Ltd. H97M-D3H) (18-10-2020 20:00:24)
Running from D:\Docs\Plocha
Loaded Profiles: JohnRambo
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] D:\Docs\AppData\Roaming\Smart Clock\SmartClock.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Netherlands B.V. -> AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2std.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4465400 2015-05-21] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2019-10-07] (AVG Netherlands B.V. -> )
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\...\Run: [SysHelper] => D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe [763904 2020-10-18] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [248832 2012-03-13] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CNAP3 Monitor: C:\Windows\system32\CNAP3SMD.DLL [1625600 2013-04-19] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2015-07-20]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{CD105B98-DB7C-4E12-BB33-A12CBE721AAB}\app_icon.ico () [File not signed]
Startup: C:\Users\JohnRambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2019-11-30] (Leader Technologies) [File not signed]
Startup: C:\Users\JohnRambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-10-18]
ShortcutTarget: SmartClock.lnk -> D:\Docs\AppData\Roaming\Smart Clock\SmartClock.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A425979-AF50-4197-9053-5C5C9424B715} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {0A425979-AF50-4197-9053-5C5C9424B715} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {236E0028-1E38-4E01-A1E4-573E9A73708C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {2DF77F78-45DA-4585-8094-E8742D72C306} - System32\Tasks\1014tbUpdateInfo => C:\ProgramData\Avg_Update_1014tb\1014tb_AVG-Secure-Search-Update_1014tb.exe
Task: {2FA23CDC-6779-4FB6-A920-959AF040DCFB} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [3661072 2019-10-15] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {344BC6B6-3BB0-43AA-8E1A-9877A3714063} - System32\Tasks\Time Trigger Task => D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe [763904 2020-10-18] () [File not signed] <==== ATTENTION
Task: {9CB34D71-6A50-4CB2-BC08-FDE393A6D9E7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-10-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {A35D45D1-6148-4C4D-9F61-3DCCE3E043DD} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [218336 2017-05-02] (Tweaking LLC -> Tweaking.com)
Task: {B2FC1B2F-F12F-4AF7-82C8-D001F5067093} - System32\Tasks\Smart Clock => D:\Docs\AppData\Roaming\Smart Clock\SmartClock.exe [1929728 2020-10-18] () [File not signed]
Task: {C99A98D6-1F74-4B82-B9CF-6AEEE138477F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C99A98D6-1F74-4B82-B9CF-6AEEE138477F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {E7BE8470-7EA0-4EEA-BD88-1DEEA698595B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {E7BE8470-7EA0-4EEA-BD88-1DEEA698595B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {E7BE8470-7EA0-4EEA-BD88-1DEEA698595B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1014tbUpdateInfo.job => C:\ProgramData\Avg_Update_1014tb\1014tb_AVG-Secure-Search-Update_1014tb.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.122.222.222 188.122.222.223 8.8.8.8
Tcpip\..\Interfaces\{05B4D5C6-271A-488E-9AFE-4EB74D917A62}: [DhcpNameServer] 188.122.222.222 188.122.222.223 8.8.8.8
FireFox:
========
FF DefaultProfile: 92bxvzy9.default
FF ProfilePath: D:\Docs\AppData\Roaming\Mozilla\Firefox\Profiles\92bxvzy9.default [2020-10-18]
FF ProfilePath: D:\Docs\AppData\Roaming\Mozilla\Firefox\Profiles\o5et0wos.default-release [2020-10-18]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [984032 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5279232 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712864 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S2 Main Service; C:\Program Files (x86)\MachinerData\Rotator.exe [2368000 2020-10-18] (NCT Company Ltd.) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1666296 2015-05-21] (O&O Software GmbH -> O&O Software GmbH)
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1371136 2019-10-07] (AVG Netherlands B.V. -> AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [811520 2019-10-07] (AVG Netherlands B.V. -> )
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-03-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [283384 2017-09-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R3 SNP2STD; C:\Windows\system32\DRIVERS\snp2sxp.sys [12342656 2007-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [12039552 2007-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-18 19:59 - 2020-10-18 20:00 - 000000000 ____D C:\FRST
2020-10-18 19:48 - 2020-10-18 19:48 - 000000692 _____ C:\ProgramData\Plocha\Total Commander 64 bit.lnk
2020-10-18 19:48 - 2020-10-18 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-10-18 19:15 - 2020-10-18 19:15 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-10-18 19:15 - 2020-10-18 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust
2020-10-18 19:15 - 2007-04-09 11:38 - 012039552 _____ () C:\Windows\SysWOW64\Drivers\snp2sxp.sys
2020-10-18 19:15 - 2007-04-09 11:37 - 012342656 _____ () C:\Windows\system32\Drivers\snp2sxp.sys
2020-10-18 19:15 - 2007-03-29 16:04 - 000328704 _____ (Sonix) C:\Windows\system32\vsnp2std.dll
2020-10-18 19:15 - 2007-03-29 16:04 - 000249856 _____ (Sonix) C:\Windows\SysWOW64\vsnp2std.dll
2020-10-18 19:15 - 2007-01-25 18:48 - 000033664 _____ () C:\Windows\system32\Drivers\sncamd.sys
2020-10-18 19:15 - 2007-01-25 18:48 - 000025472 _____ () C:\Windows\SysWOW64\Drivers\sncamd.sys
2020-10-18 19:15 - 2006-11-16 15:57 - 000083968 _____ ( ) C:\Windows\system32\csnp2std.dll
2020-10-18 19:15 - 2006-10-12 17:21 - 000151552 _____ ( ) C:\Windows\SysWOW64\rsnp2std.dll
2020-10-18 19:15 - 2006-09-15 13:21 - 000675840 _____ (Sonix) C:\Windows\vsnp2std.exe
2020-10-18 19:15 - 2006-07-03 10:31 - 000094208 _____ (Microsoft Corporation) C:\Windows\amcap.exe
2020-10-18 19:15 - 2004-12-09 17:23 - 000015497 _____ C:\Windows\snp2std.ini
2020-10-18 19:15 - 2004-12-09 17:23 - 000013022 _____ C:\Windows\snp2std.src
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\Users\JohnRambo\_readme.txt
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\Users\Filip\_readme.txt
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\Users\Erik\_readme.txt
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\_readme.txt
2020-10-18 18:47 - 2020-10-18 18:47 - 000002966 _____ C:\Windows\system32\Tasks\Smart Clock
2020-10-18 18:47 - 2020-10-18 18:47 - 000000000 ____D C:\ProgramData\Riate
2020-10-18 18:46 - 2020-10-18 18:46 - 000000000 ____D C:\ProgramData\sib
2020-10-18 18:39 - 2020-10-18 18:39 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000003678 _____ C:\Windows\system32\Tasks\Time Trigger Task
2020-10-18 18:39 - 2020-10-18 18:39 - 000000000 ____D C:\SystemID
2020-10-18 18:39 - 2020-10-18 18:39 - 000000000 ____D C:\ProgramData\17T3GC155UOJA608BU28H6DBJ
2020-10-18 18:38 - 2020-10-18 19:03 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-10-18 18:38 - 2020-10-18 18:38 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2020-10-18 18:37 - 2020-10-18 19:40 - 000000000 ____D C:\Program Files (x86)\DecMgr
2020-10-18 18:37 - 2010-08-25 16:20 - 000892928 _____ (Free Software Foundation) C:\Windows\SysWOW64\iconv.dll
2020-10-18 18:37 - 2010-08-25 16:20 - 000675840 _____ () C:\Windows\SysWOW64\ac3filter.ax
2020-10-18 18:37 - 2010-08-25 16:20 - 000496640 _____ C:\Windows\SysWOW64\xvid.ax
2020-10-18 18:27 - 2020-10-18 19:44 - 000000000 ____D C:\Program Files (x86)\DriverToolkit
2020-10-18 18:15 - 2020-10-18 18:15 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-10-18 18:11 - 2020-10-18 18:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-18 18:01 - 2020-10-18 18:01 - 401695124 _____ C:\Windows\MEMORY.DMP
2020-10-18 18:01 - 2020-10-18 18:01 - 000289784 _____ C:\Windows\Minidump\101820-35171-01.dmp
2020-10-18 18:01 - 2020-10-18 18:01 - 000000000 ____D C:\Windows\Minidump
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-18 20:01 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-10-18 19:56 - 2019-10-06 13:32 - 000000000 ____D C:\Users\JohnRambo\AppData\LocalLow\Mozilla
2020-10-18 19:55 - 2014-03-18 17:33 - 001672896 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-18 19:55 - 2014-03-18 16:54 - 000700754 _____ C:\Windows\system32\perfh005.dat
2020-10-18 19:55 - 2014-03-18 16:54 - 000137774 _____ C:\Windows\system32\perfc005.dat
2020-10-18 19:55 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-18 19:52 - 2015-07-20 12:26 - 000000000 __SHD C:\Users\JohnRambo\IntelGraphicsProfiles
2020-10-18 19:49 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-18 19:25 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-18 19:15 - 2015-07-20 12:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-18 19:15 - 2013-08-22 15:25 - 000000186 _____ C:\Windows\win.ini
2020-10-18 19:05 - 2015-07-20 11:38 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4135652758-2871757375-1920405382-1001
2020-10-18 18:59 - 2019-10-06 13:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-18 18:58 - 2015-07-20 11:26 - 000000000 ____D C:\Users\JohnRambo
2020-10-18 18:55 - 2019-11-30 15:11 - 000000000 __SHD C:\Users\Erik\IntelGraphicsProfiles
2020-10-18 18:54 - 2020-04-27 13:39 - 002086853 _____ C:\Users\Filip\Downloads\První republika.pdf.efji
2020-10-18 18:54 - 2020-04-08 17:18 - 000039460 _____ C:\Users\Filip\Downloads\Vlk.jpg.efji
2020-10-18 18:54 - 2020-03-15 19:27 - 000290512 _____ C:\Users\Erik\Downloads\cute_rottweiler_puppy-wallpaper-1280x1024.jpg.efji
2020-10-18 18:54 - 2019-12-04 21:20 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2020-10-18 18:54 - 2019-12-04 21:20 - 000000000 ____D C:\Users\Filip
2020-10-18 18:54 - 2019-11-30 15:09 - 000000000 ____D C:\Users\Erik
2020-10-18 18:54 - 2019-10-24 22:53 - 000000000 ____D C:\RegBackup
2020-10-18 18:54 - 2015-07-27 12:11 - 000000000 ___HD C:\$AVG
2020-10-18 18:21 - 2020-03-15 19:26 - 000003958 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{523087B8-5368-4900-A3C8-3B593B1CBCBB}
2020-10-18 18:20 - 2020-03-15 19:52 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4135652758-2871757375-1920405382-1003
2020-10-18 18:17 - 2019-10-06 13:32 - 000000000 ____D C:\ProgramData\Mozilla
2020-10-18 18:15 - 2019-10-06 13:32 - 000000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-18 18:05 - 2015-07-20 13:58 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-10-16 18:17 - 2015-07-21 06:39 - 000000000 ____D C:\ProgramData\MFAData
==================== Files in the root of some directories ========
2020-10-18 18:39 - 2020-10-18 18:39 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-10-18 19:59 - 2020-10-18 19:59 - 000000890 _____ () D:\Docs\AppData\Local\bowsakkdestx.txt
2020-10-18 18:39 - 2020-10-18 18:54 - 000000890 _____ () D:\Docs\AppData\Local\bowsakkdestx.txt.efji
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-04 22:57
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by JohnRambo (18-10-2020 20:02:47)
Running from D:\Docs\Plocha
Windows 8.1 Pro (Update) (X64) (2015-07-20 09:26:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4135652758-2871757375-1920405382-500 - Administrator - Disabled)
Erik (S-1-5-21-4135652758-2871757375-1920405382-1003 - Limited - Enabled) => C:\Users\Erik
Filip (S-1-5-21-4135652758-2871757375-1920405382-1002 - Limited - Enabled) => C:\Users\Filip
Guest (S-1-5-21-4135652758-2871757375-1920405382-501 - Limited - Disabled)
JohnRambo (S-1-5-21-4135652758-2871757375-1920405382-1001 - Administrator - Enabled) => C:\Users\JohnRambo
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Disabled - Out of date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG AntiVirus Free Edition (Disabled - Out of date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
AVG (HKLM\...\{BC2DC909-A848-4886-BBC7-A4895875C708}) (Version: 16.161.8048 - AVG Technologies) Hidden
AVG 2016 (HKLM\...\{C19A3151-EC41-4DF4-A2A9-14166CB8649E}) (Version: 16.0.4793 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.71.7596 - AVG Technologies)
AVG Protection (HKLM-x32\...\AVG) (Version: 16.161.8048 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1078 - AB Team, d.o.o.)
Canon LBP7100C 7110C Uninstaller (HKLM\...\Canon LBP7100C 7110C) (Version: 5, 4, 0, 0 - Canon Inc.)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 11.4.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Mozilla Firefox 81.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.2 (x64 en-US)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
O&O Defrag Professional (HKLM\...\{CD105B98-DB7C-4E12-BB33-A12CBE721AAB}) (Version: 18.9.60 - O&O Software GmbH)
OpenTTD 1.9.3 (HKLM-x32\...\OpenTTD) (Version: 1.9.3 - OpenTTD)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.73.701.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Re-Volt patch 12.07 (HKLM-x32\...\Re-Volt) (Version: patch 12.07 - )
Rodokmen Pro 2.1.1 (HKLM-x32\...\Rodokmen Pro_is1) (Version: 2.1.1 - Martin Veškrna)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\RollerCoaster Tycoon Deluxe_is1) (Version: - GOG.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Trust Webcam 15007 (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.22.001 - Sonix)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.5.4 - Tweaking.com)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XnView 2.33 (HKLM-x32\...\XnView_is1) (Version: 2.33 - Gougelet Pierre-e)
Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-02-22] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2019-10-19] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll [2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll [2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-10-15 18:52 - 2019-10-15 18:52 - 048920064 _____ () [File not signed] C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2015-09-01 17:06 - 2012-03-13 05:35 - 000248832 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNCENPM6.dll
2015-01-27 19:33 - 2015-01-27 19:33 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-01-27 19:33 - 2015-01-27 19:33 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={BE5D6E11-A212-48AC-9BB8-907A7FD31A6C}&mid=be0b3d73616147cda1e12de352509fe4-af20d2126e10a20796018a290d12fbbc166c7fcd&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-09-01 16:38:12&v=4.2.9.726&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11433&guid={A703F35F-BFD5-4689-9FAB-7CFD4D7D8F56}&i=
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE5D6E11-A212-48AC-9BB8-907A7FD31A6C}&mid=be0b3d73616147cda1e12de352509fe4-af20d2126e10a20796018a290d12fbbc166c7fcd&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-09-01 16:38:12&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> {2B74F1D7-3C97-4EBF-A7DF-76CD180C86EC} URL = hxxp://search.eshield.com/serp?guid={A703F35F-BFD5-4689-9FAB-7CFD4D7D8F56}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE5D6E11-A212-48AC-9BB8-907A7FD31A6C}&mid=be0b3d73616147cda1e12de352509fe4-af20d2126e10a20796018a290d12fbbc166c7fcd&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-09-01 16:38:12&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> {CAB39AE3-6367-4036-BB91-58E26C23CAD1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2019-10-07] (AVG Netherlands B.V. -> AVG)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2019-10-07] (AVG Netherlands B.V. -> AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> No Name - {65D62779-7349-41FF-9EEF-13106C95D71F} - No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2019-10-24 23:13 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\Control Panel\Desktop\\Wallpaper -> D:\Docs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 188.122.222.222 - 188.122.222.223
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "CNAP3 Launcher"
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\...\StartupApproved\Run: => "SysHelper"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AF1654D8-31C7-4AC8-BB17-AFC64BCAA3EE}] => (Allow) D:\Docs\AppData\Local\TNT2\2.0.0.1983\TNT2User.exe => No File
FirewallRules: [{150DAA4A-66F3-4085-988B-74D599F37C27}] => (Allow) C:\Program Files (x86)\AVG2015\avgmfapx.exe => No File
FirewallRules: [{DDC1163B-B3D4-4874-B64C-A612FA86C858}] => (Allow) C:\Program Files (x86)\AVG2015\avgmfapx.exe => No File
FirewallRules: [{88D860FE-F500-4AD2-B3AF-23142A6DBB6A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{CCA0975B-BD28-4BCF-A1DD-A33FD21ADD02}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{C53EA68D-6923-4795-BB6E-9ECDDE87504E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6905615F-9C5A-4020-8192-78DEE35CE8AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B56F5711-D6D4-4778-8157-38BBA59112E6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2BDC958D-45C6-49AF-A23F-4FDBBA69A3A0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{85E9AE47-E879-4410-A946-FAA97680D668}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4F5F1D17-E6F2-4D66-BDDD-9D0838F1A607}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{E6EBB148-E34D-42DC-8228-DCA6C59F8A33}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe () [File not signed]
FirewallRules: [UDP Query User{E02E7173-82CC-499E-A5E4-9255F4F9D191}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe () [File not signed]
FirewallRules: [{EC543A58-BFA7-438A-B8B6-64F11C1AE179}] => (Block) D:\games\blur\blur.exe () [File not signed]
FirewallRules: [{C6672F50-44D8-40FA-9677-02C54E0B5BDE}] => (Block) D:\games\blur\blur.exe () [File not signed]
==================== Restore Points =========================
24-10-2019 22:53:49 Tweaking.com - Windows Repair 2018
30-11-2019 15:56:07 Instalováno Realtek Ethernet Controller Driver
11-03-2020 20:00:01 Removed RollerCoaster Tycoon Deluxe
11-03-2020 20:25:32 Instalační služba modulů systému Windows
18-10-2020 19:14:02 Installed Trust Webcam 15007
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/18/2020 07:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a5e6bbc0-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4c4ab57-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4b65d3e-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4aa717d-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a354ed67-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a2d1cc24-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a2bb94f3-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a2a0bf9b-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/18/2020 08:01:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.ZuneMusic.
Error: (10/18/2020 08:01:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.Office.OneNote.
Error: (10/18/2020 08:01:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.VCLibs.110.00.
Error: (10/18/2020 08:01:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.VCLibs.120.00.Preview.
Error: (10/18/2020 08:01:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.WinJS.1.0.
Error: (10/18/2020 08:01:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.Media.PlayReadyClient.
Error: (10/18/2020 07:51:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Main Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/18/2020 07:50:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
CodeIntegrity:
===================================
Date: 2020-10-18 19:50:33.922
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-18 19:24:12.266
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-18 19:00:03.230
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-18 18:02:24.800
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-16 18:17:18.255
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-15 14:37:16.945
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-03-11 19:14:49.432
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-03-11 18:46:55.276
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F6 04/21/2015
Motherboard: Gigabyte Technology Co., Ltd. H97M-D3H
Processor: Intel(R) Pentium(R) CPU G3450 @ 3.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3970.64 MB
Available physical RAM: 1819.12 MB
Total Virtual: 8066.64 MB
Available Virtual: 5726.65 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:100.24 GB) (Free:68 GB) NTFS
Drive d: (Data) (Fixed) (Total:830.92 GB) (Free:821.67 GB) NTFS
\\?\Volume{65009edf-2ec0-11e5-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3151426C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=830.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
mám problém se stolním počítačem, má win 8.1 a při klepnutí na windows (start) dlaždici se nezobrazí nabídka, pouze prázdná obrazovka, s jménem, vyhledáváním atd. Dále pak nelze nic přidat na lištu rychlého spuštění, explorer zamrzne. Prosím o kontrolu logu, děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2020
Ran by JohnRambo (administrator) on MARAST (Gigabyte Technology Co., Ltd. H97M-D3H) (18-10-2020 20:00:24)
Running from D:\Docs\Plocha
Loaded Profiles: JohnRambo
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] D:\Docs\AppData\Roaming\Smart Clock\SmartClock.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Netherlands B.V. -> AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2std.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4465400 2015-05-21] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2019-10-07] (AVG Netherlands B.V. -> )
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\...\Run: [SysHelper] => D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe [763904 2020-10-18] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [248832 2012-03-13] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CNAP3 Monitor: C:\Windows\system32\CNAP3SMD.DLL [1625600 2013-04-19] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2015-07-20]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{CD105B98-DB7C-4E12-BB33-A12CBE721AAB}\app_icon.ico () [File not signed]
Startup: C:\Users\JohnRambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2019-11-30] (Leader Technologies) [File not signed]
Startup: C:\Users\JohnRambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk [2020-10-18]
ShortcutTarget: SmartClock.lnk -> D:\Docs\AppData\Roaming\Smart Clock\SmartClock.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A425979-AF50-4197-9053-5C5C9424B715} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {0A425979-AF50-4197-9053-5C5C9424B715} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {236E0028-1E38-4E01-A1E4-573E9A73708C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {2DF77F78-45DA-4585-8094-E8742D72C306} - System32\Tasks\1014tbUpdateInfo => C:\ProgramData\Avg_Update_1014tb\1014tb_AVG-Secure-Search-Update_1014tb.exe
Task: {2FA23CDC-6779-4FB6-A920-959AF040DCFB} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [3661072 2019-10-15] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {344BC6B6-3BB0-43AA-8E1A-9877A3714063} - System32\Tasks\Time Trigger Task => D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe [763904 2020-10-18] () [File not signed] <==== ATTENTION
Task: {9CB34D71-6A50-4CB2-BC08-FDE393A6D9E7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-10-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {A35D45D1-6148-4C4D-9F61-3DCCE3E043DD} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [218336 2017-05-02] (Tweaking LLC -> Tweaking.com)
Task: {B2FC1B2F-F12F-4AF7-82C8-D001F5067093} - System32\Tasks\Smart Clock => D:\Docs\AppData\Roaming\Smart Clock\SmartClock.exe [1929728 2020-10-18] () [File not signed]
Task: {C99A98D6-1F74-4B82-B9CF-6AEEE138477F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C99A98D6-1F74-4B82-B9CF-6AEEE138477F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {E7BE8470-7EA0-4EEA-BD88-1DEEA698595B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {E7BE8470-7EA0-4EEA-BD88-1DEEA698595B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {E7BE8470-7EA0-4EEA-BD88-1DEEA698595B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1014tbUpdateInfo.job => C:\ProgramData\Avg_Update_1014tb\1014tb_AVG-Secure-Search-Update_1014tb.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 188.122.222.222 188.122.222.223 8.8.8.8
Tcpip\..\Interfaces\{05B4D5C6-271A-488E-9AFE-4EB74D917A62}: [DhcpNameServer] 188.122.222.222 188.122.222.223 8.8.8.8
FireFox:
========
FF DefaultProfile: 92bxvzy9.default
FF ProfilePath: D:\Docs\AppData\Roaming\Mozilla\Firefox\Profiles\92bxvzy9.default [2020-10-18]
FF ProfilePath: D:\Docs\AppData\Roaming\Mozilla\Firefox\Profiles\o5et0wos.default-release [2020-10-18]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [984032 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5279232 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712864 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S2 Main Service; C:\Program Files (x86)\MachinerData\Rotator.exe [2368000 2020-10-18] (NCT Company Ltd.) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1666296 2015-05-21] (O&O Software GmbH -> O&O Software GmbH)
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1371136 2019-10-07] (AVG Netherlands B.V. -> AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [811520 2019-10-07] (AVG Netherlands B.V. -> )
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-03-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [283384 2017-09-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R3 SNP2STD; C:\Windows\system32\DRIVERS\snp2sxp.sys [12342656 2007-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [12039552 2007-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-18 19:59 - 2020-10-18 20:00 - 000000000 ____D C:\FRST
2020-10-18 19:48 - 2020-10-18 19:48 - 000000692 _____ C:\ProgramData\Plocha\Total Commander 64 bit.lnk
2020-10-18 19:48 - 2020-10-18 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-10-18 19:15 - 2020-10-18 19:15 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-10-18 19:15 - 2020-10-18 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust
2020-10-18 19:15 - 2007-04-09 11:38 - 012039552 _____ () C:\Windows\SysWOW64\Drivers\snp2sxp.sys
2020-10-18 19:15 - 2007-04-09 11:37 - 012342656 _____ () C:\Windows\system32\Drivers\snp2sxp.sys
2020-10-18 19:15 - 2007-03-29 16:04 - 000328704 _____ (Sonix) C:\Windows\system32\vsnp2std.dll
2020-10-18 19:15 - 2007-03-29 16:04 - 000249856 _____ (Sonix) C:\Windows\SysWOW64\vsnp2std.dll
2020-10-18 19:15 - 2007-01-25 18:48 - 000033664 _____ () C:\Windows\system32\Drivers\sncamd.sys
2020-10-18 19:15 - 2007-01-25 18:48 - 000025472 _____ () C:\Windows\SysWOW64\Drivers\sncamd.sys
2020-10-18 19:15 - 2006-11-16 15:57 - 000083968 _____ ( ) C:\Windows\system32\csnp2std.dll
2020-10-18 19:15 - 2006-10-12 17:21 - 000151552 _____ ( ) C:\Windows\SysWOW64\rsnp2std.dll
2020-10-18 19:15 - 2006-09-15 13:21 - 000675840 _____ (Sonix) C:\Windows\vsnp2std.exe
2020-10-18 19:15 - 2006-07-03 10:31 - 000094208 _____ (Microsoft Corporation) C:\Windows\amcap.exe
2020-10-18 19:15 - 2004-12-09 17:23 - 000015497 _____ C:\Windows\snp2std.ini
2020-10-18 19:15 - 2004-12-09 17:23 - 000013022 _____ C:\Windows\snp2std.src
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\Users\JohnRambo\_readme.txt
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\Users\Filip\_readme.txt
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\Users\Erik\_readme.txt
2020-10-18 18:54 - 2020-10-18 18:54 - 000001113 _____ C:\_readme.txt
2020-10-18 18:47 - 2020-10-18 18:47 - 000002966 _____ C:\Windows\system32\Tasks\Smart Clock
2020-10-18 18:47 - 2020-10-18 18:47 - 000000000 ____D C:\ProgramData\Riate
2020-10-18 18:46 - 2020-10-18 18:46 - 000000000 ____D C:\ProgramData\sib
2020-10-18 18:39 - 2020-10-18 18:39 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000003678 _____ C:\Windows\system32\Tasks\Time Trigger Task
2020-10-18 18:39 - 2020-10-18 18:39 - 000000000 ____D C:\SystemID
2020-10-18 18:39 - 2020-10-18 18:39 - 000000000 ____D C:\ProgramData\17T3GC155UOJA608BU28H6DBJ
2020-10-18 18:38 - 2020-10-18 19:03 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-10-18 18:38 - 2020-10-18 18:38 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2020-10-18 18:37 - 2020-10-18 19:40 - 000000000 ____D C:\Program Files (x86)\DecMgr
2020-10-18 18:37 - 2010-08-25 16:20 - 000892928 _____ (Free Software Foundation) C:\Windows\SysWOW64\iconv.dll
2020-10-18 18:37 - 2010-08-25 16:20 - 000675840 _____ () C:\Windows\SysWOW64\ac3filter.ax
2020-10-18 18:37 - 2010-08-25 16:20 - 000496640 _____ C:\Windows\SysWOW64\xvid.ax
2020-10-18 18:27 - 2020-10-18 19:44 - 000000000 ____D C:\Program Files (x86)\DriverToolkit
2020-10-18 18:15 - 2020-10-18 18:15 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-10-18 18:11 - 2020-10-18 18:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-18 18:01 - 2020-10-18 18:01 - 401695124 _____ C:\Windows\MEMORY.DMP
2020-10-18 18:01 - 2020-10-18 18:01 - 000289784 _____ C:\Windows\Minidump\101820-35171-01.dmp
2020-10-18 18:01 - 2020-10-18 18:01 - 000000000 ____D C:\Windows\Minidump
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-18 20:01 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-10-18 19:56 - 2019-10-06 13:32 - 000000000 ____D C:\Users\JohnRambo\AppData\LocalLow\Mozilla
2020-10-18 19:55 - 2014-03-18 17:33 - 001672896 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-18 19:55 - 2014-03-18 16:54 - 000700754 _____ C:\Windows\system32\perfh005.dat
2020-10-18 19:55 - 2014-03-18 16:54 - 000137774 _____ C:\Windows\system32\perfc005.dat
2020-10-18 19:55 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-18 19:52 - 2015-07-20 12:26 - 000000000 __SHD C:\Users\JohnRambo\IntelGraphicsProfiles
2020-10-18 19:49 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-18 19:25 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-18 19:15 - 2015-07-20 12:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-18 19:15 - 2013-08-22 15:25 - 000000186 _____ C:\Windows\win.ini
2020-10-18 19:05 - 2015-07-20 11:38 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4135652758-2871757375-1920405382-1001
2020-10-18 18:59 - 2019-10-06 13:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-18 18:58 - 2015-07-20 11:26 - 000000000 ____D C:\Users\JohnRambo
2020-10-18 18:55 - 2019-11-30 15:11 - 000000000 __SHD C:\Users\Erik\IntelGraphicsProfiles
2020-10-18 18:54 - 2020-04-27 13:39 - 002086853 _____ C:\Users\Filip\Downloads\První republika.pdf.efji
2020-10-18 18:54 - 2020-04-08 17:18 - 000039460 _____ C:\Users\Filip\Downloads\Vlk.jpg.efji
2020-10-18 18:54 - 2020-03-15 19:27 - 000290512 _____ C:\Users\Erik\Downloads\cute_rottweiler_puppy-wallpaper-1280x1024.jpg.efji
2020-10-18 18:54 - 2019-12-04 21:20 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2020-10-18 18:54 - 2019-12-04 21:20 - 000000000 ____D C:\Users\Filip
2020-10-18 18:54 - 2019-11-30 15:09 - 000000000 ____D C:\Users\Erik
2020-10-18 18:54 - 2019-10-24 22:53 - 000000000 ____D C:\RegBackup
2020-10-18 18:54 - 2015-07-27 12:11 - 000000000 ___HD C:\$AVG
2020-10-18 18:21 - 2020-03-15 19:26 - 000003958 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{523087B8-5368-4900-A3C8-3B593B1CBCBB}
2020-10-18 18:20 - 2020-03-15 19:52 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4135652758-2871757375-1920405382-1003
2020-10-18 18:17 - 2019-10-06 13:32 - 000000000 ____D C:\ProgramData\Mozilla
2020-10-18 18:15 - 2019-10-06 13:32 - 000000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-18 18:05 - 2015-07-20 13:58 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-10-16 18:17 - 2015-07-21 06:39 - 000000000 ____D C:\ProgramData\MFAData
==================== Files in the root of some directories ========
2020-10-18 18:39 - 2020-10-18 18:39 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-10-18 18:39 - 2020-10-18 18:39 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-10-18 19:59 - 2020-10-18 19:59 - 000000890 _____ () D:\Docs\AppData\Local\bowsakkdestx.txt
2020-10-18 18:39 - 2020-10-18 18:54 - 000000890 _____ () D:\Docs\AppData\Local\bowsakkdestx.txt.efji
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-04 22:57
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by JohnRambo (18-10-2020 20:02:47)
Running from D:\Docs\Plocha
Windows 8.1 Pro (Update) (X64) (2015-07-20 09:26:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4135652758-2871757375-1920405382-500 - Administrator - Disabled)
Erik (S-1-5-21-4135652758-2871757375-1920405382-1003 - Limited - Enabled) => C:\Users\Erik
Filip (S-1-5-21-4135652758-2871757375-1920405382-1002 - Limited - Enabled) => C:\Users\Filip
Guest (S-1-5-21-4135652758-2871757375-1920405382-501 - Limited - Disabled)
JohnRambo (S-1-5-21-4135652758-2871757375-1920405382-1001 - Administrator - Enabled) => C:\Users\JohnRambo
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Disabled - Out of date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG AntiVirus Free Edition (Disabled - Out of date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
AVG (HKLM\...\{BC2DC909-A848-4886-BBC7-A4895875C708}) (Version: 16.161.8048 - AVG Technologies) Hidden
AVG 2016 (HKLM\...\{C19A3151-EC41-4DF4-A2A9-14166CB8649E}) (Version: 16.0.4793 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.71.7596 - AVG Technologies)
AVG Protection (HKLM-x32\...\AVG) (Version: 16.161.8048 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1078 - AB Team, d.o.o.)
Canon LBP7100C 7110C Uninstaller (HKLM\...\Canon LBP7100C 7110C) (Version: 5, 4, 0, 0 - Canon Inc.)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 11.4.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Mozilla Firefox 81.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.2 (x64 en-US)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
O&O Defrag Professional (HKLM\...\{CD105B98-DB7C-4E12-BB33-A12CBE721AAB}) (Version: 18.9.60 - O&O Software GmbH)
OpenTTD 1.9.3 (HKLM-x32\...\OpenTTD) (Version: 1.9.3 - OpenTTD)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.73.701.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Re-Volt patch 12.07 (HKLM-x32\...\Re-Volt) (Version: patch 12.07 - )
Rodokmen Pro 2.1.1 (HKLM-x32\...\Rodokmen Pro_is1) (Version: 2.1.1 - Martin Veškrna)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\RollerCoaster Tycoon Deluxe_is1) (Version: - GOG.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Trust Webcam 15007 (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.22.001 - Sonix)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.5.4 - Tweaking.com)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XnView 2.33 (HKLM-x32\...\XnView_is1) (Version: 2.33 - Gougelet Pierre-e)
Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-02-22] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2019-10-19] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll [2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll [2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-10-15 18:52 - 2019-10-15 18:52 - 048920064 _____ () [File not signed] C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2015-09-01 17:06 - 2012-03-13 05:35 - 000248832 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNCENPM6.dll
2015-01-27 19:33 - 2015-01-27 19:33 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-01-27 19:33 - 2015-01-27 19:33 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={BE5D6E11-A212-48AC-9BB8-907A7FD31A6C}&mid=be0b3d73616147cda1e12de352509fe4-af20d2126e10a20796018a290d12fbbc166c7fcd&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-09-01 16:38:12&v=4.2.9.726&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11433&guid={A703F35F-BFD5-4689-9FAB-7CFD4D7D8F56}&i=
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE5D6E11-A212-48AC-9BB8-907A7FD31A6C}&mid=be0b3d73616147cda1e12de352509fe4-af20d2126e10a20796018a290d12fbbc166c7fcd&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-09-01 16:38:12&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> {2B74F1D7-3C97-4EBF-A7DF-76CD180C86EC} URL = hxxp://search.eshield.com/serp?guid={A703F35F-BFD5-4689-9FAB-7CFD4D7D8F56}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE5D6E11-A212-48AC-9BB8-907A7FD31A6C}&mid=be0b3d73616147cda1e12de352509fe4-af20d2126e10a20796018a290d12fbbc166c7fcd&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-09-01 16:38:12&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> {CAB39AE3-6367-4036-BB91-58E26C23CAD1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2019-10-07] (AVG Netherlands B.V. -> AVG)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2019-10-07] (AVG Netherlands B.V. -> AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4135652758-2871757375-1920405382-1001 -> No Name - {65D62779-7349-41FF-9EEF-13106C95D71F} - No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2019-10-24 23:13 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\Control Panel\Desktop\\Wallpaper -> D:\Docs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 188.122.222.222 - 188.122.222.223
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "CNAP3 Launcher"
HKU\S-1-5-21-4135652758-2871757375-1920405382-1001\...\StartupApproved\Run: => "SysHelper"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AF1654D8-31C7-4AC8-BB17-AFC64BCAA3EE}] => (Allow) D:\Docs\AppData\Local\TNT2\2.0.0.1983\TNT2User.exe => No File
FirewallRules: [{150DAA4A-66F3-4085-988B-74D599F37C27}] => (Allow) C:\Program Files (x86)\AVG2015\avgmfapx.exe => No File
FirewallRules: [{DDC1163B-B3D4-4874-B64C-A612FA86C858}] => (Allow) C:\Program Files (x86)\AVG2015\avgmfapx.exe => No File
FirewallRules: [{88D860FE-F500-4AD2-B3AF-23142A6DBB6A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{CCA0975B-BD28-4BCF-A1DD-A33FD21ADD02}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{C53EA68D-6923-4795-BB6E-9ECDDE87504E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6905615F-9C5A-4020-8192-78DEE35CE8AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B56F5711-D6D4-4778-8157-38BBA59112E6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2BDC958D-45C6-49AF-A23F-4FDBBA69A3A0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{85E9AE47-E879-4410-A946-FAA97680D668}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4F5F1D17-E6F2-4D66-BDDD-9D0838F1A607}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{E6EBB148-E34D-42DC-8228-DCA6C59F8A33}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe () [File not signed]
FirewallRules: [UDP Query User{E02E7173-82CC-499E-A5E4-9255F4F9D191}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe () [File not signed]
FirewallRules: [{EC543A58-BFA7-438A-B8B6-64F11C1AE179}] => (Block) D:\games\blur\blur.exe () [File not signed]
FirewallRules: [{C6672F50-44D8-40FA-9677-02C54E0B5BDE}] => (Block) D:\games\blur\blur.exe () [File not signed]
==================== Restore Points =========================
24-10-2019 22:53:49 Tweaking.com - Windows Repair 2018
30-11-2019 15:56:07 Instalováno Realtek Ethernet Controller Driver
11-03-2020 20:00:01 Removed RollerCoaster Tycoon Deluxe
11-03-2020 20:25:32 Instalační služba modulů systému Windows
18-10-2020 19:14:02 Installed Trust Webcam 15007
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/18/2020 07:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a5e6bbc0-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4c4ab57-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4b65d3e-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4aa717d-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a354ed67-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a2d1cc24-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a2bb94f3-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/18/2020 07:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 53618939634.exe, verze: 1.0.0.1, časové razítko: 0x5d890137
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0f589c1a
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0x01d6a57864327397
Cesta k chybující aplikaci: D:\Docs\AppData\Local\dde36eee-653b-444a-a167-0750fbabc0c9\53618939634.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a2a0bf9b-116b-11eb-82a9-fcaa14b47617
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/18/2020 08:01:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.ZuneMusic.
Error: (10/18/2020 08:01:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.Office.OneNote.
Error: (10/18/2020 08:01:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.VCLibs.110.00.
Error: (10/18/2020 08:01:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.VCLibs.120.00.Preview.
Error: (10/18/2020 08:01:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.WinJS.1.0.
Error: (10/18/2020 08:01:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): Microsoft.Media.PlayReadyClient.
Error: (10/18/2020 07:51:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Main Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/18/2020 07:50:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
CodeIntegrity:
===================================
Date: 2020-10-18 19:50:33.922
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-18 19:24:12.266
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-18 19:00:03.230
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-18 18:02:24.800
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-16 18:17:18.255
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-15 14:37:16.945
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-03-11 19:14:49.432
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-03-11 18:46:55.276
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F6 04/21/2015
Motherboard: Gigabyte Technology Co., Ltd. H97M-D3H
Processor: Intel(R) Pentium(R) CPU G3450 @ 3.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3970.64 MB
Available physical RAM: 1819.12 MB
Total Virtual: 8066.64 MB
Available Virtual: 5726.65 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:100.24 GB) (Free:68 GB) NTFS
Drive d: (Data) (Fixed) (Total:830.92 GB) (Free:821.67 GB) NTFS
\\?\Volume{65009edf-2ec0-11e5-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3151426C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=830.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================