
Requesting a preventive check; my PC reports the Wacatac and Phonzy trojans

truddy
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

#1 Post by truddy »

Logfile of random's system information tool 1.10 (written by random/random)
Run by standa at 2021-05-25 19:16:56
Microsoft Windows 10 Home
System drive C: has 257 GB (53%) free of 487 GB
Total RAM: 8059 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:07, on 25.05.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Users\standa\AppData\Local\Temp\mexe.com
C:\Users\standa\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\standa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus15.msn.com/?pc=ASTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\standa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2132360492-723632287-2629535127-1002\..\Run: [OneDrive] "C:\Users\hanah\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User 'hanah')
O4 - Global Startup: Avast SecureLine VPN.lnk = C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_22a0f1 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_28d9744 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem24.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\90.0.4430.212\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\WINDOWS\system32\ICEsoundService64.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine VPN (SecureLine) - AVAST Software - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14251 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe -from=task

=========Mozilla firefox=========

ProfilePath - C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\z806poz8.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll [2021-05-20 410008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04 151872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03 629256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\standa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2021-05-09 1971560]
"GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0"=C:\Program Files\Google\Chrome\Application\chrome.exe [2021-05-08 2396272]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-05-20 33770112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast SecureLine VPN.lnk - C:\Program Files (x86)\AVAST Software\SecureLine VPN\Vpn.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"aux2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-05-25 19:16:57 ----D---- C:\Program Files (x86)\trend micro
2021-05-25 19:16:56 ----D---- C:\rsit
2021-05-25 18:51:15 ----D---- C:\ProgramData\MicroWorld
2021-05-13 21:28:06 ----A---- C:\WINDOWS\SysWOW64\quickassist.exe
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\mfps.dll
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\mfh264enc.dll
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\mfcore.dll
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2021-05-13 21:27:59 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\wsp_health.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\wsp_fs.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\tsgqec.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\SessEnv.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\remotepg.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\nshwfp.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\msjet40.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\iemigplugin.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\fwcfg.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\FrameServerClient.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\authfwcfg.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2021-05-13 21:27:56 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2021-05-13 21:27:56 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2021-05-13 21:27:56 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\storagewmi.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\smphost.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\resutils.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\nshhttp.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\mispace.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\clusapi.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\winipsec.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\wimgapi.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\rtm.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\rasapi32.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\polstore.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\nshipsec.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\msIso.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\mprdim.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\mprddm.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\iprtrmgr.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\iprtprio.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\httpapi.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\fphc.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\edgeIso.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\drvstore.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\DMAppsRes.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\dabapi.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\WordBreakers.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\win32u.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\win32k.sys
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\wfapigp.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\uReFS.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\TextInputFramework.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\SndVolSSO.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\SHCore.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\ngccredprov.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\mskeyprotect.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\fwbase.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\FirewallAPI.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\daxexec.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\container.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\cldapi.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\certcli.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\AppResolver.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\SystemEventsBrokerClient.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\ReAgent.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\GameInput.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\dxgi.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\dsregtask.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\dsreg.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\directmanipulation.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\aadtb.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\aadauthhelper.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\Wpc.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\twinui.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\taskschd.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\stobject.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\ntdll.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\msctf.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\InputSwitch.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\explorer.exe
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\diskpart.exe
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\cmifw.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\AarSvc.dll
2021-05-13 21:27:37 ----A---- C:\WINDOWS\SysWOW64\KernelBase.dll
2021-05-13 21:27:22 ----A---- C:\WINDOWS\explorer.exe
2021-05-13 21:18:40 ----A---- C:\WINDOWS\SysWOW64\poqexec.exe

======List of files/folders modified in the last 1 month======

2021-05-25 19:17:13 ----D---- C:\ProgramData\Mozilla
2021-05-25 19:17:01 ----D---- C:\WINDOWS\prefetch
2021-05-25 19:16:57 ----RD---- C:\Program Files (x86)
2021-05-25 19:16:09 ----D---- C:\WINDOWS\Temp
2021-05-25 19:16:07 ----RD---- C:\Program Files
2021-05-25 19:13:37 ----D---- C:\FRST
2021-05-25 19:13:31 ----SHD---- C:\System Volume Information
2021-05-25 19:05:58 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-25 19:03:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-05-25 18:51:15 ----HD---- C:\ProgramData
2021-05-25 18:17:31 ----D---- C:\ProgramData\NVIDIA
2021-05-25 16:07:10 ----D---- C:\WINDOWS\AppReadiness
2021-05-25 16:06:52 ----RD---- C:\WINDOWS\Microsoft.NET
2021-05-23 14:23:48 ----SHD---- C:\WINDOWS\Installer
2021-05-23 14:18:38 ----D---- C:\WINDOWS\apppatch
2021-05-18 07:54:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-05-16 09:03:43 ----D---- C:\WINDOWS\WinSxS
2021-05-15 17:15:29 ----D---- C:\WINDOWS\INF
2021-05-14 07:42:27 ----D---- C:\WINDOWS\System32
2021-05-13 22:47:20 ----ASH---- C:\DumpStack.log.tmp
2021-05-13 22:47:19 ----D---- C:\WINDOWS\ServiceState
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\wbem
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\setup
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\oobe
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\migration
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\en-US
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\Dism
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SystemResources
2021-05-13 22:44:41 ----RD---- C:\WINDOWS\PrintDialog
2021-05-13 22:44:41 ----D---- C:\WINDOWS\Provisioning
2021-05-13 22:44:41 ----D---- C:\WINDOWS\PolicyDefinitions
2021-05-13 22:44:41 ----D---- C:\WINDOWS\en-US
2021-05-13 22:44:41 ----D---- C:\WINDOWS\DiagTrack
2021-05-13 22:44:41 ----D---- C:\WINDOWS\cs-CZ
2021-05-13 22:44:41 ----D---- C:\WINDOWS\bcastdvr
2021-05-13 22:44:41 ----D---- C:\Windows
2021-05-13 21:57:45 ----D---- C:\WINDOWS\LiveKernelReports
2021-05-13 21:30:54 ----D---- C:\WINDOWS\CbsTemp
2021-05-11 20:34:21 ----D---- C:\WINDOWS\debug
2021-04-28 21:57:55 ----D---- C:\ProgramData\Packages
2021-04-28 21:25:07 ----D---- C:\ProgramData\HP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-11-06 29696]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 CimFS;CimFS; C:\WINDOWS\SysWOW64\drivers\CimFS.sys []
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys []
R3 AsusSGDrv;@oem12.inf,%AsusSGDrv.SvcDesc%;ASUS Touch Service; C:\WINDOWS\System32\drivers\AsusSGDrv.sys []
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys []
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys []
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys []
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys []
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys []
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys []
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys []
R3 HIDSwitch;@oem91.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsRadioControl.sys []
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdkmd64.sys [2019-10-30 20620368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem46.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_0d54ec4feb82b9c1\IntcDAud.sys [2019-10-30 674152]
R3 MEIx64;@oem32.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys []
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys []
R3 MpKsl57630379;MpKsl57630379; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2BD841C7-C7AE-43B5-A2E9-7E45AE87EC5B}\MpKslDrv.sys [2021-05-25 107744]
R3 MpKsld3c22837;MpKsld3c22837; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00F7EC56-90B7-4A9D-B67B-0F204C207CDF}\MpKslDrv.sys [2021-05-25 107744]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [2017-12-12 17003280]
R3 nvvad_WaveExtensible;@oem90.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
R3 Qcamain10x64;@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys []
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys []
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 aswVpnRdr;Avast SecureLine VPN Driver; C:\WINDOWS\system32\drivers\aswVpnRdr.sys []
S3 bmfilter;@oem67.inf,%bmfilter.SvcDesc%;Network Connect USB Composite Device Filter Driver; C:\WINDOWS\System32\drivers\qcusbfilter.sys []
S3 bmusbser;@oem42.inf,%BMUSBSER%;Network Connect USB Device for Legacy Serial Communication; C:\WINDOWS\System32\drivers\qcusbser.sys []
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 dg_ssudbus;@oem20.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus2.sys []
S3 DSI_SiUSBXp_3_1;DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys []
S3 eu3eusbser;@oem23.inf,%SERVICE_DISPLAY_NAME%;Cinterion EU3-E USB Device for Legacy Serial Communication; C:\WINDOWS\System32\drivers\eu3eusbser.sys []
S3 gameflt;@oem5.inf,%ServiceName%;gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_3af6b7fbc809d4f2\gameflt.sys [2020-11-20 72048]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys []
S3 HPEWSFXBULK;HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2_I2C;@oem40.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys []
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys []
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 iwdbus;@oem1.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-12-09 19576]
S3 NvStUSB;@oem10.inf,%NvStUSB.SvcDesc%;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys []
S3 NVSWCFilter;@oem56.inf,%NVSWCFilter.SvcDesc%;NVIDIA SHIELD Wireless Controller Trackpad Service; C:\WINDOWS\System32\drivers\nvswcfilter.sys []
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys []
S3 qcusbser;@oem2.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\System32\drivers\qcusbser.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\SysWOW64\drivers\ReFSv1.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 CDPUserSvc_22a0f1;Uživatelská služba platformy připojených zařízení_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 CDPUserSvc_28d9744;Uživatelská služba platformy připojených zařízení_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2021-04-28 8798600]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R2 HPPrintScanDoctorService;HP Print Scan Doctor Service; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [2021-05-12 288360]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-16 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-04 462920]
R2 OneSyncSvc_22a0f1;Hostitel synchronizace_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 OneSyncSvc_28d9744;Hostitel synchronizace_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 cbdhsvc_22a0f1;Uživatelská služba schránky_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 cbdhsvc_28d9744;Uživatelská služba schránky_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 PimIndexMaintenanceSvc_28d9744;Data kontaktů_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-22 123704]
S2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe [2019-10-30 510008]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-02-14 143144]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-02-14 214960]
S2 esifsvc;@oem24.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2015-11-09 1392792]
S2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-12-09 1156216]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-02-14 154440]
S2 ICEsoundService;ICEsound Service; C:\WINDOWS\system32\ICEsoundService64.exe []
S2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe [2019-10-30 391736]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-16 207648]
S2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [2016-04-03 133480]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-12-09 1872504]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-12-09 6477432]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AarSvc_22a0f1;Agent Activation Runtime_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AarSvc_28d9744;Agent Activation Runtime_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BcastDVRUserService_22a0f1;Uživatelská služba pro GameDVR a vysílání her_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BcastDVRUserService_28d9744;Uživatelská služba pro GameDVR a vysílání her_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BluetoothUserService_22a0f1;Služba pro podporu uživatelů Bluetooth_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BluetoothUserService_28d9744;Služba pro podporu uživatelů Bluetooth_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 CaptureService_22a0f1;CaptureService_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 CaptureService_28d9744;CaptureService_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 ConsentUxUserSvc_22a0f1;ConsentUX_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 ConsentUxUserSvc_28d9744;ConsentUX_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe [2019-10-30 508984]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 CredentialEnrollmentManagerUserSvc_22a0f1;CredentialEnrollmentManagerUserSvc_22a0f1; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 CredentialEnrollmentManagerUserSvc_28d9744;CredentialEnrollmentManagerUserSvc_28d9744; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-02-14 143144]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DeviceAssociationBrokerSvc_22a0f1;DeviceAssociationBroker_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DeviceAssociationBrokerSvc_28d9744;DeviceAssociationBroker_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicePickerUserSvc_22a0f1;DevicePicker_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicePickerUserSvc_28d9744;DevicePicker_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicesFlowUserSvc_22a0f1;Tok zařízení_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicesFlowUserSvc_28d9744;Tok zařízení_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-02-14 214960]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\90.0.4430.212\elevation_service.exe [2021-05-08 1498216]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-02-14 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MessagingService_22a0f1;Služba zasílání zpráv_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MessagingService_28d9744;Služba zasílání zpráv_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\elevation_service.exe [2021-05-20 1567648]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-05-25 242672]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-12-09 8185464]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 263496]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe []
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PimIndexMaintenanceSvc_22a0f1;Data kontaktů_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PrintWorkflowUserSvc_22a0f1;PrintWorkflow_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PrintWorkflowUserSvc_28d9744;PrintWorkflow_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]

-----------------EOF-----------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by standa (25-05-2021 19:25:54)
Running from C:\Users\standa\Downloads
Windows 10 Home Version 20H2 19042.985 (X64) (2021-02-14 00:18:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2132360492-723632287-2629535127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2132360492-723632287-2629535127-503 - Limited - Disabled)
Guest (S-1-5-21-2132360492-723632287-2629535127-501 - Limited - Disabled)
hanah (S-1-5-21-2132360492-723632287-2629535127-1002 - Limited - Enabled) => C:\Users\hanah
standa (S-1-5-21-2132360492-723632287-2629535127-1001 - Administrator - Enabled) => C:\Users\standa
WDAGUtilityAccount (S-1-5-21-2132360492-723632287-2629535127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.135 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.11.5523.2244 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
File Magic (HKLM\...\File Magic_is1) (Version: 1.9.8.19 - Solvusoft Corporation)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.39.1 - Mio Technology Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10299 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TotalXMLConverter (HKLM-x32\...\Total XML Converter_is1) (Version: 3.5 - Softplicity, Inc.)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Windows Driver Package - ASUS (AsusSGDrv) Mouse (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-24] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-02-17] (MAGIX)
MyASUS-Service Center -> C:\Program Files\WindowsApps\b9eced6f.myasus_3.3.11.0_x86__qmba6cd70vzyy [2021-02-17] (ASUSTeK COMPUTER INC.) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2021-02-17] (TripAdvisor LLC)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-04-23] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{26D8ED70-189A-48FD-9482-67F08AAC0D31}] -> {26D8ED70-189A-48FD-9482-67F08AAC0D31} => C:\Program Files\CoolUtils\TotalXMLConverter\CoolUtilsContextMenu64.dll [2018-05-20] (Softplicity -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxDTCM.dll [2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\standa\Desktop\Osobní - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\Desktop\rustonka - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\standa\Desktop\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Diagnostika připojení Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\HP Print pro Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjanmonomjogheabiocdamfpknlpdehm
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nástroj na obnovení Chromebooku.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2021-02-14 15:20 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2021-03-01 17:26 - 2021-03-01 17:26 - 000000504 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.205 COM-MID1.mshome.net # 2021 3 1 8 15 26 1 839
192.168.137.1 DESKTOP-J5SRGEL.mshome.net # 2026 2 6 28 15 26 1 839

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6BB4F30E-63F3-4206-8C2A-112A4E1E12D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1F70493-48E9-452A-9138-337D2945C70C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D37B691C-47EE-4E42-AFA7-9091226952E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1D91743-9D5F-47D9-AEA9-CAD241264DAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C98EC5B8-7B2B-467F-812F-15F4B305A98C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52C1A80B-2788-48F1-8C4F-0A12B85F3809}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68C8A16E-3C53-4D9A-9A86-2E4E8F516703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71AAD653-4B5B-4C0D-9867-06BEDFCAAD13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55195C66-EDF4-4471-AD5D-ABB7356756CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5EF380D-DEA8-4BB3-8CA6-89D25384A092}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{670C6701-AAA6-4133-BE94-ECE69E360925}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AF14C86-2A5C-44E9-B840-7D3CDE1F0494}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{AC3102B1-CDDF-4C31-B84D-8ED4A93DF8AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{CA4A6D16-3F17-434B-8481-6EB96246DC83}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D4DF826F-1DC0-4F91-8CAC-8B9A193AE84D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{973CCF2A-D4D8-4D50-9E59-7B087760639A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87B0F7BB-F4A7-446F-875C-06E14A0E7221}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52FE2970-BB8E-40AF-92D9-7466797ED74B}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{087F9B5C-2265-422B-817A-252B575826AF}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1F28A119-4FA2-4BB0-92CB-2DFF820CAC89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-05-2021 19:36:41 Naplánovaný kontrolní bod
13-05-2021 21:18:23 Instalační služba modulů systému Windows
13-05-2021 21:20:42 Instalační služba modulů systému Windows
23-05-2021 15:32:50 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/25/2021 07:23:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 260

Čas spuštění: 01d751828a7b87c1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: efa701b2-d5e8-462a-9381-3a34d2d63202

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Navigation

Error: (05/18/2021 07:55:28 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Naposledy se nepodařilo spustit Word. Problém byste mohli odstranit pomocí nouzového režimu, některé funkce ale v tomto režimu nemusí být dostupné.

Chcete použít spuštění v nouzovém režimu?.
Rejected Safe Mode action : Microsoft Word.

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/17/2021 09:16:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVG\Antivirus\avgToolsSvc.exe, identifikátor PID: 3864, identifikátor PID ProfSvc: 1872.

Error: (04/17/2021 09:11:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.867, časové razítko: 0x01b4b287
Název chybujícího modulu: drvsetup.dll_unloaded, verze: 10.0.19041.662, časové razítko: 0x9c748be2
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000073bb
ID chybujícího procesu: 0x3e60
Čas spuštění chybující aplikace: 0x01d733bd5bf56119
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: drvsetup.dll
ID zprávy: 7ba20fd6-bc3d-4dc2-a092-a74e9485b9cf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast SecureLine VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/25/2021 06:17:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-05-25 19:12:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:12:33
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:11:21
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-25 18:11:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {363F1AB6-9BDD-4A96-8D93-44125B3B8961}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-25 17:49:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\standa\Downloads\ccsetup540.exe; file:_C:\Users\standa\Downloads\ccsetup562.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-25 16:08:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Desktop\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: Unknown
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-04-27 07:48:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.1657.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

CodeIntegrity:
===============
Date: 2021-04-19 15:08:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-04-19 15:08:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X556UR.316 04/16/2019
Motherboard: ASUSTeK COMPUTER INC. X556UR
Processor: Intel(R) Core(TM) i5-6198DU CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 8059.11 MB
Available physical RAM: 2168.71 MB
Total Virtual: 14408.76 MB
Available Virtual: 7670.12 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.83 GB) (Free:251.28 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{678e74a6-88ec-45f7-a1ce-a04300aeb2c5}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{a52d5a3c-d378-490a-bf3a-46b080250ea5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BFCF66A5)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by standa (administrator) on DESKTOP-J5SRGEL (ASUSTeK COMPUTER INC. X556UR) (25-05-2021 19:12:50)
Running from C:\Users\standa\Downloads
Loaded Profiles: standa & hanah
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microworld Technologies Inc. -> MicroWorld Technologies Inc.) C:\Users\standa\AppData\Local\Temp\mexe.com
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <3>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1846016 2015-12-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-05-25]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16AD2706-778D-4FC6-A509-C2CF7AB7D655} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1785B25A-D5DB-48B8-8986-45F1974EB1B3} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {18F9E70F-7D92-4E68-B9AE-CD0175FDFE61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {26C97CE0-C81D-4DAF-ABB9-C08314117A4E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {40AAE5E9-8B5D-4F37-B03B-1FD384E1300A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-05-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {4734CB73-D8E0-443D-9F78-6893B25D8A40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA8F7C2-F8B9-4473-855B-6E15787BD164} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866784 2021-05-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 6d670568-9067-4d67-896c-3531811857e2
Task: {752D5DB1-BC71-499C-A6A0-EC6F848A1E5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {758D18B5-4B92-47DD-931A-C26D9208EBF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79DAA134-8091-47C5-B077-D8C79EA7F9A8} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {7DD9ACBB-BD5D-4C23-AA79-45A855377536} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {94DDE213-114F-41EC-B175-BFF55EB79A73} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {9C5E7F86-3C8F-42AE-817C-3EA05C8C14C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A301180F-7C2C-42E2-93DE-FC04A84B893E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A62AECC7-00A5-4D56-AAF6-B9848DDDE809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A88C38A4-2E02-4737-AE3A-909F08B720D0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865696 2021-05-20] (Avast Software s.r.o. -> Avast Software)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {BDDE9473-00A1-462C-B1DE-46B03B970D2B} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197792 2021-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {C2937FC3-AC63-4FB0-AC92-0B6828D83CE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC4F7D34-0521-40DD-9964-11DA172535E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Avast SecureLine VPN Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\DropboxOEM" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IcarusAvastVpnUpgrade" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E9662DD1-EF8D-4BDF-8669-01A41429DD8E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E9BADE62-406A-4788-AE16-25D9E6EAC127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2C6D650-C4BA-4A97-BB46-D84DCD92D1F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{270ea8cf-b547-4abf-8d97-3949c6eda3b9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c31ac88-b000-42e5-89b9-01fa484bb71e}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-25]
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-05-25]

FireFox:
========
FF DefaultProfile: 2xjobbz8.default
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\2xjobbz8.default [2021-02-14]
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\z806poz8.default-release [2021-05-25]
FF NewTab: Mozilla\Firefox\Profiles\z806poz8.default-release -> about:newtab
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default [2021-05-25]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (HP Print pro Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjanmonomjogheabiocdamfpknlpdehm [2021-02-14]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2021-02-14]
CHR Extension: (Diagnostika připojení Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2021-02-14]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2021-02-14]
CHR Extension: (Google Play) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2021-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-11]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8615648 2021-05-11] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [141304 2015-12-18] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2021-02-14] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 bmfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [55304 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 bmusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [251400 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 eu3eusbser; C:\WINDOWS\System32\drivers\eu3eusbser.sys [121984 2016-01-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29280 2018-09-11] (Hewlett-Packard Company -> Hewlett Packard)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKsl57630379; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2BD841C7-C7AE-43B5-A2E9-7E45AE87EC5B}\MpKslDrv.sys [107744 2021-05-25] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsld3c22837; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00F7EC56-90B7-4A9D-B67B-0F204C207CDF}\MpKslDrv.sys [107744 2021-05-25] (Microsoft Windows -> Microsoft Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 19:16 - 2021-05-25 19:17 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-05-25 19:16 - 2021-05-25 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-25 19:07 - 2021-05-25 19:07 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64(2).exe
2021-05-25 19:07 - 2021-05-25 19:07 - 001107968 _____ C:\Users\standa\Downloads\RSIT.exe
2021-05-25 19:06 - 2021-05-25 19:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-25 19:04 - 2021-05-25 19:05 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64 (3).exe
2021-05-25 18:57 - 2021-05-25 18:57 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\Nepotvrzeno 374659.crdownload
2021-05-25 18:56 - 2021-05-25 18:56 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64 (1).exe
2021-05-25 18:51 - 2021-05-25 18:51 - 000001056 _____ C:\Users\standa\Desktop\MWAVSCAN.lnk
2021-05-25 18:51 - 2021-05-25 18:51 - 000000000 ____D C:\ProgramData\MicroWorld
2021-05-25 18:43 - 2021-05-25 18:45 - 254521712 _____ C:\Users\standa\Downloads\mwav (2).exe
2021-05-23 15:13 - 2021-05-23 15:13 - 000504816 _____ C:\Users\standa\Downloads\2200080958 (1).pdf
2021-05-23 14:22 - 2021-05-23 14:22 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2021-05-17 21:20 - 2021-05-17 21:20 - 000352967 _____ C:\Users\standa\Downloads\Technick-list-kamenny-a-mramorovy-koberec-epoxi(7).pdf
2021-05-13 22:47 - 2021-05-13 22:47 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-13 21:28 - 2021-05-13 21:28 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 21:27 - 2021-05-13 21:27 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-11 22:27 - 2021-05-11 22:29 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021 upravená verze.xls
2021-05-02 21:43 - 2021-05-02 21:43 - 000000000 ____D C:\Users\hanah\AppData\Roaming\Foxit Software
2021-05-02 17:39 - 2021-05-02 17:39 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual (1).pdf
2021-05-02 17:37 - 2021-05-02 17:37 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual.pdf
2021-04-28 21:22 - 2021-04-28 21:22 - 016142144 _____ (HP Inc.) C:\Users\standa\Downloads\HPPSdr (3).exe
2021-04-28 21:15 - 2021-04-28 21:15 - 000051240 _____ C:\Users\standa\Downloads\Informace o splatnosti k pojistné smlouvě číslo 8492051828.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 19:17 - 2021-02-14 09:52 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-25 19:16 - 2021-02-14 09:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-25 19:16 - 2017-01-08 14:12 - 000000000 ____D C:\Users\standa\AppData\LocalLow\Mozilla
2021-05-25 19:14 - 2019-04-03 16:42 - 000025211 _____ C:\Users\standa\Downloads\FRST.txt
2021-05-25 19:13 - 2019-04-03 16:41 - 000000000 ____D C:\FRST
2021-05-25 19:05 - 2021-02-14 09:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-25 19:03 - 2021-02-14 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-25 18:32 - 2021-02-14 01:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-25 18:17 - 2021-02-14 15:39 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-05-25 18:17 - 2021-02-14 01:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-25 18:16 - 2021-03-19 19:09 - 000000000 ____D C:\Program Files\CCleaner
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-25 15:51 - 2021-03-19 19:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-25 15:49 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-23 14:22 - 2016-11-04 03:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-23 14:16 - 2021-02-14 09:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-23 14:16 - 2021-02-14 09:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-20 11:50 - 2021-02-14 10:30 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-05-18 08:05 - 2021-02-17 18:16 - 000000000 ____D C:\Users\hanah\AppData\Local\Packages
2021-05-18 07:57 - 2017-01-22 12:37 - 000000000 ___RD C:\Users\hanah\OneDrive
2021-05-18 07:54 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-18 07:54 - 2017-01-22 12:36 - 000000000 __SHD C:\Users\hanah\IntelGraphicsProfiles
2021-05-16 08:54 - 2021-02-14 09:16 - 000000000 ____D C:\Users\standa\AppData\Local\Packages
2021-05-15 22:15 - 2021-02-14 01:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 17:15 - 2021-02-14 01:23 - 000000000 ____D C:\WINDOWS\INF
2021-05-14 07:42 - 2021-02-14 01:26 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-14 07:42 - 2021-02-14 01:26 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-14 07:42 - 2016-04-03 06:19 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-13 23:08 - 2021-02-14 09:24 - 000000000 ____D C:\Users\standa\AppData\Local\PlaceholderTileLogoFolder
2021-05-13 22:49 - 2017-01-08 13:28 - 000000000 ___RD C:\Users\standa\OneDrive
2021-05-13 22:48 - 2017-01-08 13:26 - 000000000 __SHD C:\Users\standa\IntelGraphicsProfiles
2021-05-13 22:47 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-13 22:47 - 2020-11-06 20:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-13 22:46 - 2021-02-14 01:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 22:46 - 2021-02-14 01:40 - 000436504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 22:46 - 2016-04-03 06:35 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-13 22:46 - 2016-04-03 06:35 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-13 22:45 - 2021-02-14 01:18 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 22:44 - 2021-02-14 01:27 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 21:57 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-13 21:30 - 2021-02-14 01:24 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 21:30 - 2021-02-14 01:19 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 17:00 - 2021-02-14 09:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 17:00 - 2021-02-14 09:33 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 22:24 - 2021-02-11 16:41 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021.xls
2021-05-11 19:08 - 2021-02-14 09:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 19:05 - 2021-02-14 09:51 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 19:43 - 2021-02-17 18:17 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002
2021-05-10 19:43 - 2021-02-14 01:54 - 000002363 _____ C:\Users\hanah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-09 15:59 - 2021-02-14 09:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001
2021-05-09 15:59 - 2021-02-14 01:54 - 000002366 _____ C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-05 18:11 - 2021-02-14 02:12 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 18:11 - 2021-02-14 02:12 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-02 21:43 - 2021-02-17 18:21 - 000000000 ____D C:\Users\hanah\AppData\Local\PlaceholderTileLogoFolder
2021-04-28 21:57 - 2021-02-14 09:16 - 000000000 ____D C:\ProgramData\Packages
2021-04-28 21:54 - 2021-04-10 08:02 - 000002378 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2021-04-28 21:25 - 2021-04-10 08:02 - 000000000 ____D C:\ProgramData\HP
2021-04-26 18:56 - 2021-02-14 09:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 18:56 - 2021-02-14 09:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-05-25 19:25 - 2021-05-25 19:25 - 000000000 _____ () C:\Users\standa\AppData\Local\{93DF8DF9-272E-489A-A5CF-CC9464B1BB73}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check, PC reports trojans Wacatac and Phonzy

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply launch it with a double-click)
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

truddy
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

Re: Requesting a preventive check, PC reports trojans Wacatac and Phonzy

#3 Post by truddy »

It didn't go into a restart at all, and when I ran the process again, it still detects that "amazon" again.
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-25-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Amazon Assistant for Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6323 octets] - [14/02/2021 09:06:14]
AdwCleaner[C00].txt - [6985 octets] - [14/02/2021 09:07:40]
AdwCleaner[S01].txt - [1528 octets] - [14/02/2021 09:11:29]
AdwCleaner[S02].txt - [1589 octets] - [14/02/2021 09:23:20]
AdwCleaner[S03].txt - [1708 octets] - [14/02/2021 17:06:02]
AdwCleaner[S04].txt - [1769 octets] - [28/02/2021 19:32:10]
AdwCleaner[C04].txt - [1939 octets] - [28/02/2021 19:32:19]
AdwCleaner[S05].txt - [1891 octets] - [19/03/2021 18:04:48]
AdwCleaner[C05].txt - [2061 octets] - [19/03/2021 18:04:56]
AdwCleaner[S06].txt - [2013 octets] - [26/03/2021 07:44:47]
AdwCleaner[C06].txt - [2183 octets] - [26/03/2021 07:44:56]
AdwCleaner[S07].txt - [2135 octets] - [18/04/2021 12:17:31]
AdwCleaner[C07].txt - [2305 octets] - [18/04/2021 12:17:39]
AdwCleaner[S08].txt - [2257 octets] - [25/05/2021 18:17:21]
AdwCleaner[C08].txt - [2427 octets] - [25/05/2021 18:17:31]
AdwCleaner[S09].txt - [2379 octets] - [25/05/2021 22:37:15]
AdwCleaner[C09].txt - [2549 octets] - [25/05/2021 22:37:30]
AdwCleaner[S10].txt - [2501 octets] - [25/05/2021 22:38:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C10].txt ##########

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check, PC reports trojans Wacatac and Phonzy

#4 Post by Rudy »

Post new FRST+Addition logs.

truddy
Visitor
Posts: 136
Registered: 12 Apr 2005 13:22

Re: Requesting a preventive check, PC reports trojans Wacatac and Phonzy

#5 Post by truddy »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by standa (26-05-2021 20:06:56)
Running from C:\Users\standa\Downloads
Windows 10 Home Version 20H2 19042.985 (X64) (2021-02-14 00:18:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2132360492-723632287-2629535127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2132360492-723632287-2629535127-503 - Limited - Disabled)
Guest (S-1-5-21-2132360492-723632287-2629535127-501 - Limited - Disabled)
hanah (S-1-5-21-2132360492-723632287-2629535127-1002 - Limited - Enabled) => C:\Users\hanah
standa (S-1-5-21-2132360492-723632287-2629535127-1001 - Administrator - Enabled) => C:\Users\standa
WDAGUtilityAccount (S-1-5-21-2132360492-723632287-2629535127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.135 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.11.5539.2304 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
File Magic (HKLM\...\File Magic_is1) (Version: 1.9.8.19 - Solvusoft Corporation)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.39.1 - Mio Technology Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10299 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TotalXMLConverter (HKLM-x32\...\Total XML Converter_is1) (Version: 3.5 - Softplicity, Inc.)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Windows Driver Package - ASUS (AsusSGDrv) Mouse (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-24] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-02-17] (MAGIX)
MyASUS-Service Center -> C:\Program Files\WindowsApps\b9eced6f.myasus_3.3.11.0_x86__qmba6cd70vzyy [2021-02-17] (ASUSTeK COMPUTER INC.) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2021-02-17] (TripAdvisor LLC)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-04-23] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{26D8ED70-189A-48FD-9482-67F08AAC0D31}] -> {26D8ED70-189A-48FD-9482-67F08AAC0D31} => C:\Program Files\CoolUtils\TotalXMLConverter\CoolUtilsContextMenu64.dll [2018-05-20] (Softplicity -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxDTCM.dll [2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\standa\Desktop\Osobní - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\Desktop\rustonka - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\standa\Desktop\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Diagnostika připojení Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\HP Print pro Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjanmonomjogheabiocdamfpknlpdehm
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nástroj na obnovení Chromebooku.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2021-02-14 15:20 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2021-03-01 17:26 - 2021-03-01 17:26 - 000000504 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.205 COM-MID1.mshome.net # 2021 3 1 8 15 26 1 839
192.168.137.1 DESKTOP-J5SRGEL.mshome.net # 2026 2 6 28 15 26 1 839

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6BB4F30E-63F3-4206-8C2A-112A4E1E12D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1F70493-48E9-452A-9138-337D2945C70C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D37B691C-47EE-4E42-AFA7-9091226952E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1D91743-9D5F-47D9-AEA9-CAD241264DAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C98EC5B8-7B2B-467F-812F-15F4B305A98C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52C1A80B-2788-48F1-8C4F-0A12B85F3809}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68C8A16E-3C53-4D9A-9A86-2E4E8F516703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71AAD653-4B5B-4C0D-9867-06BEDFCAAD13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55195C66-EDF4-4471-AD5D-ABB7356756CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5EF380D-DEA8-4BB3-8CA6-89D25384A092}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{670C6701-AAA6-4133-BE94-ECE69E360925}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AF14C86-2A5C-44E9-B840-7D3CDE1F0494}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{AC3102B1-CDDF-4C31-B84D-8ED4A93DF8AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{CA4A6D16-3F17-434B-8481-6EB96246DC83}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D4DF826F-1DC0-4F91-8CAC-8B9A193AE84D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{973CCF2A-D4D8-4D50-9E59-7B087760639A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87B0F7BB-F4A7-446F-875C-06E14A0E7221}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52FE2970-BB8E-40AF-92D9-7466797ED74B}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{087F9B5C-2265-422B-817A-252B575826AF}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1F28A119-4FA2-4BB0-92CB-2DFF820CAC89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-05-2021 19:36:41 Naplánovaný kontrolní bod
13-05-2021 21:18:23 Instalační služba modulů systému Windows
13-05-2021 21:20:42 Instalační služba modulů systému Windows
23-05-2021 15:32:50 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/25/2021 07:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mexe.com, verze: 20.0.9.0, časové razítko: 0x602e9f77
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.964, časové razítko: 0xb7db0838
Kód výjimky: 0xc00000fd
Posun chyby: 0x00030fbf
ID chybujícího procesu: 0x3394
Čas spuštění chybující aplikace: 0x01d751862cbbda0d
Cesta k chybující aplikaci: C:\Users\standa\AppData\Local\Temp\mexe.com
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c85eeaf0-1350-40e4-afa5-e7bb2b0ea5b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/25/2021 07:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 48f4

Čas spuštění: 01d7518721e56f75

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

ID hlášení: 3eb30dd8-1d91-436a-88e2-ca3dc2a1b44e

Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.19041.964_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: SecHealthUI

Typ zablokování: Cross-process

Error: (05/25/2021 07:23:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 260

Čas spuštění: 01d751828a7b87c1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: efa701b2-d5e8-462a-9381-3a34d2d63202

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Navigation

Error: (05/18/2021 07:55:28 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Naposledy se nepodařilo spustit Word. Problém byste mohli odstranit pomocí nouzového režimu, některé funkce ale v tomto režimu nemusí být dostupné.

Chcete použít spuštění v nouzovém režimu?.
Rejected Safe Mode action : Microsoft Word.

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:08 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:08 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:08 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.


Windows Defender:
================
Date: 2021-05-25 22:55:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EC0FC84F-3990-4D2E-A008-49837C03514B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-25 19:38:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe; process:_pid:11468,ProcessStart:132664363465412196
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Users\standa\Downloads\FRST64 (3).exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:37:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:12:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:12:33
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 16:08:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Desktop\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: Unknown
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-04-27 07:48:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.1657.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

CodeIntegrity:
===============
Date: 2021-04-19 15:08:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-04-19 15:08:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X556UR.316 04/16/2019
Motherboard: ASUSTeK COMPUTER INC. X556UR
Processor: Intel(R) Core(TM) i5-6198DU CPU @ 2.30GHz
Percentage of memory in use: 53%
Total physical RAM: 8059.11 MB
Available physical RAM: 3786.57 MB
Total Virtual: 15739.11 MB
Available Virtual: 10877.45 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.83 GB) (Free:248.98 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{678e74a6-88ec-45f7-a1ce-a04300aeb2c5}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{a52d5a3c-d378-490a-bf3a-46b080250ea5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BFCF66A5)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by standa (administrator) on DESKTOP-J5SRGEL (ASUSTeK COMPUTER INC. X556UR) (26-05-2021 20:03:56)
Running from C:\Users\standa\Downloads
Loaded Profiles: standa
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1846016 2015-12-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-05-25]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11F4BB24-E990-413A-B6CB-9E76F620BA54} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197848 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
Task: {16AD2706-778D-4FC6-A509-C2CF7AB7D655} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1785B25A-D5DB-48B8-8986-45F1974EB1B3} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {18F9E70F-7D92-4E68-B9AE-CD0175FDFE61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {26C97CE0-C81D-4DAF-ABB9-C08314117A4E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {4734CB73-D8E0-443D-9F78-6893B25D8A40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA8F7C2-F8B9-4473-855B-6E15787BD164} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866840 2021-05-23] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 6d670568-9067-4d67-896c-3531811857e2
Task: {752D5DB1-BC71-499C-A6A0-EC6F848A1E5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {758D18B5-4B92-47DD-931A-C26D9208EBF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79DAA134-8091-47C5-B077-D8C79EA7F9A8} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {7DD9ACBB-BD5D-4C23-AA79-45A855377536} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {94DDE213-114F-41EC-B175-BFF55EB79A73} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {9C5E7F86-3C8F-42AE-817C-3EA05C8C14C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A301180F-7C2C-42E2-93DE-FC04A84B893E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A62AECC7-00A5-4D56-AAF6-B9848DDDE809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A88C38A4-2E02-4737-AE3A-909F08B720D0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865696 2021-05-20] (Avast Software s.r.o. -> Avast Software)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {C2937FC3-AC63-4FB0-AC92-0B6828D83CE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC4F7D34-0521-40DD-9964-11DA172535E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Avast SecureLine VPN Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\DropboxOEM" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IcarusAvastVpnUpgrade" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E9662DD1-EF8D-4BDF-8669-01A41429DD8E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E9BADE62-406A-4788-AE16-25D9E6EAC127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0CC5797-672F-4E40-BED7-F502092097AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {F2C6D650-C4BA-4A97-BB46-D84DCD92D1F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{270ea8cf-b547-4abf-8d97-3949c6eda3b9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c31ac88-b000-42e5-89b9-01fa484bb71e}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-25]
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-05-25]

FireFox:
========
FF DefaultProfile: 2xjobbz8.default
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\2xjobbz8.default [2021-02-14]
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\z806poz8.default-release [2021-05-26]
FF NewTab: Mozilla\Firefox\Profiles\z806poz8.default-release -> about:newtab
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default [2021-05-26]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (HP Print pro Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjanmonomjogheabiocdamfpknlpdehm [2021-02-14]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2021-02-14]
CHR Extension: (Diagnostika připojení Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2021-02-14]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2021-02-14]
CHR Extension: (Google Play) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2021-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-11]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8613144 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [141304 2015-12-18] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2021-02-14] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 bmfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [55304 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 bmusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [251400 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 eu3eusbser; C:\WINDOWS\System32\drivers\eu3eusbser.sys [121984 2016-01-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29280 2018-09-11] (Hewlett-Packard Company -> Hewlett Packard)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKslba6d049a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{730C8BF1-D387-45AD-AFCD-037D2764D05D}\MpKslDrv.sys [107744 2021-05-26] (Microsoft Windows -> Microsoft Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 22:36 - 2021-05-25 22:36 - 008534696 _____ (Malwarebytes) C:\Users\standa\Downloads\adwcleaner_8.2.exe
2021-05-25 21:09 - 2021-05-25 21:09 - 000010804 _____ C:\Users\standa\Downloads\pavaon.xlsx
2021-05-25 20:44 - 2021-05-25 20:44 - 096993280 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-05-25 20:43 - 2021-05-25 20:44 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-05-25 19:38 - 2021-05-25 19:38 - 000000000 ____D C:\Users\standa\AppData\Local\CrashDumps
2021-05-25 19:16 - 2021-05-25 19:17 - 000000000 ____D C:\rsit
2021-05-25 19:16 - 2021-05-25 19:17 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-05-25 19:16 - 2021-05-25 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-25 19:07 - 2021-05-25 19:07 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64(2).exe
2021-05-25 19:07 - 2021-05-25 19:07 - 001107968 _____ C:\Users\standa\Downloads\RSIT.exe
2021-05-25 19:06 - 2021-05-25 19:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-25 18:57 - 2021-05-25 18:57 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\Nepotvrzeno 374659.crdownload
2021-05-25 18:51 - 2021-05-25 18:51 - 000001056 _____ C:\Users\standa\Desktop\MWAVSCAN.lnk
2021-05-25 18:51 - 2021-05-25 18:51 - 000000000 ____D C:\ProgramData\MicroWorld
2021-05-25 18:43 - 2021-05-25 18:45 - 254521712 _____ C:\Users\standa\Downloads\mwav (2).exe
2021-05-23 15:13 - 2021-05-23 15:13 - 000504816 _____ C:\Users\standa\Downloads\2200080958 (1).pdf
2021-05-23 14:22 - 2021-05-23 14:22 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2021-05-17 21:20 - 2021-05-17 21:20 - 000352967 _____ C:\Users\standa\Downloads\Technick-list-kamenny-a-mramorovy-koberec-epoxi(7).pdf
2021-05-13 22:47 - 2021-05-13 22:47 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-13 21:28 - 2021-05-13 21:28 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 21:27 - 2021-05-13 21:27 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-11 22:27 - 2021-05-11 22:29 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021 upravená verze.xls
2021-05-02 21:43 - 2021-05-02 21:43 - 000000000 ____D C:\Users\hanah\AppData\Roaming\Foxit Software
2021-05-02 17:39 - 2021-05-02 17:39 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual (1).pdf
2021-05-02 17:37 - 2021-05-02 17:37 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual.pdf
2021-04-28 21:22 - 2021-04-28 21:22 - 016142144 _____ (HP Inc.) C:\Users\standa\Downloads\HPPSdr (3).exe
2021-04-28 21:15 - 2021-04-28 21:15 - 000051240 _____ C:\Users\standa\Downloads\Informace o splatnosti k pojistné smlouvě číslo 8492051828.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-26 20:04 - 2019-04-03 16:42 - 000024905 _____ C:\Users\standa\Downloads\FRST.txt
2021-05-26 20:04 - 2019-04-03 16:41 - 000000000 ____D C:\FRST
2021-05-26 20:03 - 2021-02-14 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-26 19:38 - 2021-03-19 19:09 - 000000000 ____D C:\Program Files\CCleaner
2021-05-26 19:35 - 2021-02-14 01:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-25 22:56 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-25 22:38 - 2021-02-14 15:39 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-05-25 22:38 - 2021-02-14 01:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-25 19:51 - 2021-02-14 01:26 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-25 19:51 - 2021-02-14 01:26 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-25 19:51 - 2021-02-14 01:23 - 000000000 ____D C:\WINDOWS\INF
2021-05-25 19:51 - 2016-04-03 06:19 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-25 19:48 - 2017-01-08 13:28 - 000000000 ___RD C:\Users\standa\OneDrive
2021-05-25 19:47 - 2017-01-08 13:26 - 000000000 __SHD C:\Users\standa\IntelGraphicsProfiles
2021-05-25 19:47 - 2016-11-04 03:49 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-25 19:46 - 2021-02-14 09:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-25 19:46 - 2021-02-14 01:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-25 19:46 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-25 19:46 - 2020-11-06 20:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-25 19:41 - 2021-02-14 01:18 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-25 19:34 - 2019-04-03 16:43 - 000035620 _____ C:\Users\standa\Downloads\Addition.txt
2021-05-25 19:29 - 2021-02-14 09:52 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-25 19:29 - 2017-01-08 14:12 - 000000000 ____D C:\Users\standa\AppData\LocalLow\Mozilla
2021-05-25 19:16 - 2021-02-14 09:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-25 15:51 - 2021-03-19 19:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-25 15:49 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-23 14:22 - 2016-11-04 03:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-23 14:16 - 2021-02-14 09:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-23 14:16 - 2021-02-14 09:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-20 11:50 - 2021-02-14 10:30 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-05-18 08:05 - 2021-02-17 18:16 - 000000000 ____D C:\Users\hanah\AppData\Local\Packages
2021-05-18 07:57 - 2017-01-22 12:37 - 000000000 ___RD C:\Users\hanah\OneDrive
2021-05-18 07:54 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-18 07:54 - 2017-01-22 12:36 - 000000000 __SHD C:\Users\hanah\IntelGraphicsProfiles
2021-05-16 08:54 - 2021-02-14 09:16 - 000000000 ____D C:\Users\standa\AppData\Local\Packages
2021-05-15 22:15 - 2021-02-14 01:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 23:08 - 2021-02-14 09:24 - 000000000 ____D C:\Users\standa\AppData\Local\PlaceholderTileLogoFolder
2021-05-13 22:46 - 2021-02-14 01:40 - 000436504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 22:46 - 2016-04-03 06:35 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-13 22:46 - 2016-04-03 06:35 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-13 22:44 - 2021-02-14 01:27 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 21:30 - 2021-02-14 01:24 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 21:30 - 2021-02-14 01:19 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 17:00 - 2021-02-14 09:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 17:00 - 2021-02-14 09:33 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 22:24 - 2021-02-11 16:41 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021.xls
2021-05-11 19:08 - 2021-02-14 09:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 19:05 - 2021-02-14 09:51 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 19:43 - 2021-02-17 18:17 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002
2021-05-10 19:43 - 2021-02-14 01:54 - 000002363 _____ C:\Users\hanah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-09 15:59 - 2021-02-14 09:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001
2021-05-09 15:59 - 2021-02-14 01:54 - 000002366 _____ C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-05 18:11 - 2021-02-14 02:12 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 18:11 - 2021-02-14 02:12 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-02 21:43 - 2021-02-17 18:21 - 000000000 ____D C:\Users\hanah\AppData\Local\PlaceholderTileLogoFolder
2021-04-28 21:57 - 2021-02-14 09:16 - 000000000 ____D C:\ProgramData\Packages
2021-04-28 21:54 - 2021-04-10 08:02 - 000002378 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2021-04-28 21:25 - 2021-04-10 08:02 - 000000000 ____D C:\ProgramData\HP
2021-04-26 18:56 - 2021-02-14 09:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 18:56 - 2021-02-14 09:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check; my PC reports the trojans Wacatac and Phonzy

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
C:\Users\standa\Desktop\zoek.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)

EmptyTemp:
End
Save it to C:\Users\standa\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to me at the e-mail address above.

Re: Requesting a preventive check; my PC reports the trojans Wacatac and Phonzy

#7 Post by truddy »

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by standa (26-05-2021 21:56:09) Run:2
Running from C:\Users\standa\Downloads
Loaded Profiles: standa & hanah
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\standa\Desktop\zoek.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Users\standa\Desktop\zoek.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A75D05C-251A-447B-AB0C-5C2362AE8079}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A75D05C-251A-447B-AB0C-5C2362AE8079}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9500206 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41167608 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7194708 B
Edge => 0 B
Chrome => 547156129 B
Firefox => 86771569 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 29818 B
standa => 577686062 B
hanah => 578192906 B
defaultuser100001 => 578192906 B
defaultuser100000 => 578192906 B
defaultuser100000.DESKTOP-J5SRGEL => 578192906 B

RecycleBin => 0 B
EmptyTemp: => 3.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:57:03 ====

Re: Requesting a preventive check; my PC reports the trojans Wacatac and Phonzy

#8 Post by Rudy »

Deleted. Has anything changed?

Re: Requesting a preventive check; my PC reports the trojans Wacatac and Phonzy

#9 Post by truddy »

Yes, it has :-) The protection no longer reports anything. Thanks a lot for the help.

Re: Requesting a preventive check; my PC reports the trojans Wacatac and Phonzy

#10 Post by Rudy »

You're welcome! :)