Hezky den,
mám na vás prosbu o pomoc s kontrolou logu. Po nainstalování a odinstalování Av Morpher webcam mi u Teams přestala fungovat webcamera místo snímání obrazu produkeje jen svislé barevné pruhy. Předem moc děkuji. Přikládám z FRST:
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [976768 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [171320 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hodbo\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\hodbo\AppData\Local\WebEx\ciscowebexstart.exe [4524368 2021-07-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BABBBF3-104E-4618-9D00-730F3C7ABF6B} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4950840 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {0C939ADA-0E56-497F-B06C-D50FBC5421FC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-05-12] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4F7CEF4B-0748-49BA-B3A6-F0756A3819EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {58E7650D-8E4E-4C93-B974-AC6C50238CA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {669F199C-D5A0-4FF2-8E3F-EB94542E90EE} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {70A7D2EC-5EFC-4BE0-8BA8-880DF7FD2591} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118144 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D1CEDC7-EE95-4B8F-B381-812B1290C44D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C95C349D-C729-4ECE-832F-97737FCB9620} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB1718D0-7C70-48FF-B936-6E6BB6F508B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118144 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA7E32A0-12DE-4A17-B678-A4FC7B263F22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F99CBA96-95E2-4F09-9EDC-4E9149851BA6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682424 2021-07-20] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8ec9d281-d237-4ae0-99fd-92d1eaae4b72}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\hodbo\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-20]
FireFox:
========
FF DefaultProfile: mnlrwu64.default
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\bg3l3l82.default-release-1 [2021-07-20]
FF Homepage: Mozilla\Firefox\Profiles\bg3l3l82.default-release-1 -> www.google.com
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\mnlrwu64.default [2021-05-12]
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\qxnuebb2.default-release-1626735768000 [2021-07-20]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [625976 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [374072 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8297584 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056672 2021-07-08] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35872 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [217056 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [366704 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250464 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99440 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [17344 2021-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41488 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [182736 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [524568 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [108000 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83056 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851344 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [472064 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215536 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327696 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVWEBCAM; C:\WINDOWS\System32\drivers\avwebcam.sys [17152 2010-12-02] (AVSOFT CORP. -> Windows (R) Codename Longhorn DDK provider)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2021-07-20] () [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2021-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-20 09:42 - 2021-07-20 09:43 - 000011780 _____ C:\Users\hodbo\Desktop\FRST.txt
2021-07-20 09:41 - 2021-07-20 09:42 - 000000000 ____D C:\FRST
2021-07-20 09:40 - 2021-07-20 09:40 - 002300416 _____ (Farbar) C:\Users\hodbo\Desktop\FRST64.exe
2021-07-20 09:22 - 2021-07-20 09:22 - 015950640 _____ C:\Users\hodbo\Downloads\webcam-morpher(1).exe
2021-07-20 09:16 - 2016-11-14 07:04 - 003149824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2021-07-20 09:16 - 2016-11-14 07:04 - 002650360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2021-07-20 09:16 - 2016-11-14 07:04 - 001980664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll
2021-07-20 09:16 - 2016-11-14 07:04 - 001132792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtsMFT0.dll
2021-07-20 09:16 - 2016-11-14 07:04 - 000645632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamP64.dll
2021-07-20 09:16 - 2016-11-14 07:04 - 000560640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamP.dll
2021-07-20 09:16 - 2016-11-14 07:04 - 000104448 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamO64.dll
2021-07-20 08:28 - 2021-07-20 08:28 - 015950640 _____ C:\Users\hodbo\Downloads\webcam-morpher.exe
2021-07-20 08:27 - 2021-07-20 08:27 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Opera Software
2021-07-20 02:18 - 2021-07-20 02:19 - 2077714921 _____ C:\Users\hodbo\Desktop\Čtyřlístek ve službách krále (2004) Cz anim pohádka 720p HD.mkv
2021-07-20 01:40 - 2021-07-20 01:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-20 01:38 - 2021-07-20 08:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-20 01:08 - 2021-07-20 09:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-20 01:08 - 2021-07-20 01:40 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-20 01:08 - 2021-07-20 01:08 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-07-20 01:02 - 2021-07-20 01:02 - 000000000 ____D C:\Users\hodbo\Desktop\Původní data aplikace Firefox
2021-07-19 14:04 - 2021-07-19 14:06 - 1209507866 _____ C:\Users\hodbo\Downloads\Hurvínek a kouzelné muzeum.mkv
2021-07-18 21:20 - 2021-07-18 21:31 - 4042669189 _____ C:\Users\hodbo\Downloads\Oslo.2021.720.cz.dab.mkv
2021-07-18 16:17 - 2021-07-18 16:17 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-18 16:17 - 2021-07-18 16:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-18 16:16 - 2021-07-18 16:16 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-15 22:20 - 2021-07-15 22:25 - 2338121901 _____ C:\Users\hodbo\Downloads\The.Mysterious.Benedict.Society.S01E01.1080p.WEB.H264-EXPLOIT.mkv
2021-07-15 22:19 - 2021-07-15 22:25 - 3938644971 _____ C:\Users\hodbo\Downloads\Van-Helsing 2004 CZ 1080p Hd.mkv
2021-07-15 22:11 - 2021-07-15 22:15 - 102416610 _____ C:\Users\hodbo\Downloads\Zamena.1983.1080p.BluRay.x265.AC3.CZ.dabing.mkv
2021-07-15 16:18 - 2021-07-15 16:23 - 2169790142 _____ C:\Users\hodbo\Downloads\Geniální.přítelkyně.02.1080i.H265.HDTV.CZ.rar
2021-07-15 09:12 - 2021-07-15 09:12 - 000000165 ____H C:\Users\hodbo\Desktop\~$Personál.xlsx
2021-07-14 14:46 - 2021-07-14 14:46 - 000000000 ____D C:\ProgramData\Glarysoft
2021-07-14 14:44 - 2021-07-20 00:31 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\GlarySoft
2021-07-14 14:44 - 2021-07-14 14:44 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2021-07-14 14:44 - 2021-07-14 14:44 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\DiskDefrag
2021-07-14 14:15 - 2021-07-14 14:16 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Zoom
2021-07-14 12:27 - 2021-07-14 12:27 - 000000000 ____D C:\WINDOWS\Panther
2021-07-11 20:13 - 2021-07-11 21:00 - 868655695 _____ C:\Users\hodbo\Downloads\Swing (2002).rar
2021-07-09 23:02 - 2021-07-09 23:06 - 1583357637 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E06.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:02 - 2021-07-09 23:06 - 1442546634 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E05.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:02 - 2021-07-09 23:05 - 1277699793 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E03.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:00 - 2021-07-09 23:02 - 1182875212 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E04.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:58 - 2021-07-09 23:00 - 1243523501 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E02.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:57 - 2021-07-09 23:00 - 1455147266 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E01.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:28 - 2021-07-09 22:30 - 1991649158 _____ C:\Users\hodbo\Downloads\Jeden za vsechny - Uno.para.todos.2020.720p.HDTV.CZ.dabing.mkv
2021-07-09 20:49 - 2021-07-09 20:54 - 1908939548 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e08.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:49 - 2021-07-09 20:53 - 1538325357 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e09.Film.o.Filme.2020.WEB-DL.(1080p).Getty.mkv
2021-07-09 20:48 - 2021-07-09 20:53 - 1814705909 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e07.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:48 - 2021-07-09 20:53 - 1621863145 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e06.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:46 - 2021-07-09 20:51 - 1645229629 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e05.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 13:59 - 2021-07-09 14:03 - 000143872 _____ C:\Users\hodbo\Downloads\PZ-pololeti-AT-pece-2021.xls
2021-07-08 22:54 - 2021-07-09 20:49 - 1998946577 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e01.2020.WEB-DL.1080.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:49 - 1808876817 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e02.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:48 - 1555966138 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e03.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:48 - 1499176897 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e04.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 21:40 - 2021-07-09 20:46 - 4016420061 _____ C:\Users\hodbo\Downloads\Tridni boj - La.Lutte.des.classes.2019.1080p.WEBRip.CZ.dabing.mkv
2021-07-07 12:31 - 2021-07-07 12:31 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 12:31 - 2021-07-07 12:31 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 12:31 - 2021-07-07 12:31 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 12:31 - 2021-07-07 12:31 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 12:31 - 2021-07-07 12:31 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-07 12:30 - 2021-07-07 12:30 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 12:26 - 2021-07-20 00:31 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-07-07 12:11 - 2021-07-05 17:10 - 000340280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-07-05 23:15 - 2021-07-06 13:29 - 2524171820 _____ C:\Users\hodbo\Downloads\Kapitalky - Uppercase.Print.2020.720p.HDTV.CZ.dabing.mkv
2021-07-05 23:12 - 2021-07-06 13:39 - 024606752 _____ C:\Users\hodbo\Downloads\Tokijsti kmotri - Tokyo.Godfathers.2003.1080p.BluRay.CZ.dabing.mkv
2021-07-05 23:09 - 2021-07-06 13:22 - 2312486332 _____ C:\Users\hodbo\Downloads\Amerika Film - America.The.Motion.Picture.2021.1080p.WEBRip.CZ.dabing.5.1.mkv
2021-07-05 23:06 - 2021-07-06 13:31 - 3252343721 _____ C:\Users\hodbo\Downloads\The.Tomorrow.War.2021.1080p.WEBRip.CZ.dabing.5.1.mkv
2021-07-05 17:10 - 2021-07-05 17:10 - 000215536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-07-05 16:06 - 2021-07-20 09:27 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebCam Morpher
2021-07-05 16:05 - 2010-12-02 18:17 - 000017152 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\avwebcam.sys
2021-06-26 13:21 - 2021-06-26 13:21 - 000147820 _____ C:\Users\hodbo\Downloads\CertifikatTestu.pdf
2021-06-26 13:21 - 2021-06-26 13:21 - 000145169 _____ C:\Users\hodbo\Downloads\OckovaciCertifikat.pdf
2021-06-26 13:08 - 2021-06-26 13:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-06-26 10:58 - 2021-06-26 10:58 - 000328269 _____ C:\Users\hodbo\Downloads\Jaroslav Hodboď.pdf
2021-06-26 10:58 - 2021-06-26 10:58 - 000328058 _____ C:\Users\hodbo\Downloads\Kateřina Hodboďová.pdf
2021-06-25 13:29 - 2021-06-25 13:29 - 000602387 _____ C:\Users\hodbo\Downloads\Stanovy.pdf
2021-06-25 11:53 - 2021-06-25 11:53 - 000081473 _____ C:\Users\hodbo\Desktop\Faktura_210100002.pdf
2021-06-25 11:53 - 2021-06-25 11:53 - 000005533 _____ C:\Users\hodbo\Desktop\Faktura_210100002.isdoc
2021-06-25 11:53 - 2021-06-25 11:53 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\STORMWARE
2021-06-25 11:34 - 2021-06-25 11:34 - 000002138 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA 2021 START.lnk
2021-06-25 11:34 - 2021-06-25 11:34 - 000000000 ____D C:\ProgramData\STORMWARE
2021-06-25 11:34 - 2021-06-25 11:34 - 000000000 ____D C:\Program Files (x86)\STORMWARE
2021-06-25 11:33 - 2021-06-25 11:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-25 11:18 - 2021-06-25 11:20 - 220674880 _____ C:\Users\hodbo\Downloads\SetupPohodaCZ_Start_12802.exe
2021-06-24 08:08 - 2021-06-24 08:08 - 001686975 _____ C:\Users\hodbo\Downloads\MU-BP-2015-Hajduk-David-Hajduk_David_BP.pdf
2021-06-22 13:18 - 2021-06-22 13:18 - 000031245 _____ C:\Users\hodbo\Desktop\Kopie - vzdělávání 2021 all CARE.xlsx
2021-06-20 23:31 - 2021-06-20 23:53 - 1980332604 _____ C:\Users\hodbo\Downloads\Laska na kari - Kom.Drama -USA - 2014- cz dab_2.mkv
2021-06-20 23:22 - 2021-06-20 23:47 - 2071412988 _____ C:\Users\hodbo\Downloads\Velká ryba - Big Fish CZdabing 2003 Fanstasy Dobrodružný.mkv
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-20 09:42 - 2021-05-12 00:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-20 09:41 - 2020-12-09 19:47 - 000000000 ____D C:\Users\hodbo\AppData\LocalLow\Mozilla
2021-07-20 09:39 - 2021-05-12 01:19 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-20 09:39 - 2021-05-12 00:58 - 000000000 ____D C:\Program Files\CCleaner
2021-07-20 09:37 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-20 09:37 - 2021-05-12 00:57 - 000000000 ____D C:\ProgramData\AVG
2021-07-20 09:37 - 2021-05-12 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-20 09:37 - 2020-12-09 13:05 - 000000000 ___RD C:\Users\hodbo\OneDrive
2021-07-20 09:37 - 2020-12-09 13:03 - 000000000 __SHD C:\Users\hodbo\IntelGraphicsProfiles
2021-07-20 09:37 - 2020-12-09 12:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-20 09:37 - 2020-12-09 12:42 - 000000000 ____D C:\Intel
2021-07-20 09:36 - 2021-05-12 01:14 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-20 09:35 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-20 09:35 - 2021-05-12 00:42 - 000000000 ____D C:\Users\hodbo\AppData\Local\Packages
2021-07-20 09:32 - 2021-05-12 01:21 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-20 09:32 - 2021-05-12 01:21 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-20 09:32 - 2021-05-12 01:18 - 000000000 ____D C:\WINDOWS\INF
2021-07-20 09:32 - 2021-05-12 00:41 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-20 09:16 - 2021-05-12 00:29 - 000000000 ____D C:\Program Files\Realtek
2021-07-20 08:42 - 2021-05-12 01:19 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-20 08:42 - 2021-05-12 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-20 08:24 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-20 08:24 - 2021-05-12 00:32 - 000000000 ____D C:\Users\hodbo
2021-07-20 08:18 - 2021-05-13 00:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-07-20 08:18 - 2021-05-12 00:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-20 08:18 - 2021-05-12 00:58 - 000003044 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-07-20 08:18 - 2021-05-12 00:58 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-07-20 08:18 - 2021-05-12 00:49 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\vlc
2021-07-20 08:18 - 2021-05-12 00:44 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-866693231-3887322836-1461819324-1001
2021-07-20 08:18 - 2021-05-12 00:29 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-20 08:18 - 2021-05-12 00:29 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-20 02:19 - 2021-05-14 22:23 - 000000000 ____D C:\Program Files (x86)\FastShare
2021-07-20 00:30 - 2021-05-12 00:32 - 000002379 _____ C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-20 00:29 - 2021-05-12 00:28 - 000524504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-20 00:29 - 2020-12-21 14:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-20 00:29 - 2020-12-21 14:46 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-19 09:04 - 2021-06-01 18:07 - 000082121 _____ C:\Users\hodbo\Desktop\STM_CZ8506000000000155008656_20210531_2021000005.PDF.pdf
2021-07-19 04:11 - 2021-05-13 13:02 - 000000000 ____D C:\Users\hodbo\AppData\Local\WebEx
2021-07-19 01:46 - 2021-05-12 00:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-07-18 16:27 - 2021-05-12 01:15 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-18 16:03 - 2021-01-27 10:48 - 000000000 ____D C:\Users\hodbo\AppData\LocalLow\WebEx
2021-07-18 16:00 - 2020-12-09 15:24 - 000000000 ___HD C:\$WinREAgent
2021-07-16 23:40 - 2021-05-13 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 23:38 - 2021-05-13 03:12 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 10:58 - 2020-12-09 19:22 - 000002336 ____H C:\Users\hodbo\Documents\Default.rdp
2021-07-15 19:06 - 2020-12-29 10:44 - 000000000 ____D C:\Users\hodbo\Documents\Šablony
2021-07-14 14:34 - 2021-05-12 00:56 - 000000000 ____D C:\ProgramData\Adobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-12 20:16 - 2021-05-26 08:44 - 000000000 ____D C:\Users\hodbo\AppData\Local\D3DSCache
2021-07-09 21:48 - 2021-05-12 00:51 - 000002366 _____ C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-07-09 21:48 - 2021-05-12 00:50 - 000002358 _____ C:\Users\hodbo\Desktop\Microsoft Teams.lnk
2021-07-08 14:21 - 2020-10-12 13:24 - 000031392 _____ C:\Users\hodbo\Desktop\Personál.xlsx
2021-07-07 12:17 - 2021-05-12 00:59 - 000002001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2021-07-07 12:17 - 2021-05-12 00:59 - 000001989 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2021-07-07 12:16 - 2021-05-12 01:19 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-07 12:16 - 2021-05-12 00:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-07 12:11 - 2021-05-12 01:19 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-07 12:10 - 2021-05-12 00:32 - 000000000 ____D C:\Users\defaultuser100000.SAMAN
2021-07-07 12:06 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\registration
2021-07-05 17:10 - 2021-05-12 00:58 - 000851344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000524568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000472064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000366704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000327696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000250464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000217056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000182736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000108000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000099440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000083056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000041488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000035872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-07-05 16:08 - 2021-05-12 00:42 - 000000000 ____D C:\Users\hodbo\AppData\Local\VirtualStore
2021-06-25 11:34 - 2021-04-25 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2021-06-23 10:09 - 2021-06-11 10:02 - 000358894 _____ C:\Users\hodbo\Desktop\KK_Děti.pptx
2021-06-21 08:48 - 2018-05-11 09:08 - 000281819 _____ C:\Users\hodbo\Desktop\Výběrové řízení účetní -formulář_testy.zip
==================== Files in the root of some directories ========
2021-05-26 08:44 - 2021-05-26 08:44 - 006922240 _____ () C:\Program Files (x86)\GUT5555.tmp
==================== FLock ==============================
2021-05-12 01:28 C:\Recovery
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by hodbo (20-07-2021 09:43:58)
Running from C:\Users\hodbo\Desktop
Windows 10 Home Version 21H1 19043.1110 (X64) (2021-05-11 22:42:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-866693231-3887322836-1461819324-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-866693231-3887322836-1461819324-503 - Limited - Disabled)
Guest (S-1-5-21-866693231-3887322836-1461819324-501 - Limited - Disabled)
hodbo (S-1-5-21-866693231-3887322836-1461819324-1001 - Administrator - Enabled) => C:\Users\hodbo
WDAGUtilityAccount (S-1-5-21-866693231-3887322836-1461819324-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.5.3185 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\ActiveTouchMeetingClient) (Version: 41.7.4 - Cisco Webex LLC)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.70 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14131.20320 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.1 (x64 cs)) (Version: 90.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{B3DDCA86-6369-43B8-B10F-6F4F47259D92}) (Version: 12802.6 - STORMWARE)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
WhatsApp (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\WhatsApp) (Version: 2.2119.6 - WhatsApp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)
Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\dellinc.dellsupportassistforpcs_3.9.11.0_x64__htrsf667h5kn2 [2021-07-07] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-07] (HP Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-866693231-3887322836-1461819324-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\hodbo\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-866693231-3887322836-1461819324-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hodbo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_25477efa0de18af8\igfxDTCM.dll [2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
==================== Loaded Modules (Whitelisted) =============
2021-05-12 00:55 - 2021-05-12 00:55 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2021-05-12 00:55 - 2021-05-12 00:55 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\sharepoint.com -> hxxps://fokusmb-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-05-12 01:19 - 2021-05-12 01:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hodbo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0FC622C0-4131-4FC1-B35C-8878682510D8}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A3CF28F8-0F0C-4A91-8529-6C91B74E81D1}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C70B3F24-659E-4FFE-B59B-89167DCC4226}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5C46C1E0-6310-494E-84EA-EEBB089E3F11}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3193CA7C-8D1D-4BA8-80F9-B7BA12609CC1}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2FDD5F7B-B376-4465-B845-B2C576AB426C}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A7F46F-27F3-4414-9565-0C8607C5531D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E491984-B201-49F7-9401-D8196E1E9DB5}] => (Allow) C:\Users\hodbo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2D30E4D9-761A-412A-98E0-BF515E097EE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A28358A4-4AAC-4D55-AFB3-AA969FF483A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AE1D522-C092-437B-861C-AE68BCC2770B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22B59C3D-8EC7-4CE2-8206-1A8A99F9DFA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3B745DD8-1368-485F-B72D-E765F5449B20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B97258ED-3CAD-4D30-8C5D-D3F9BC32E7EC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-07-2021 09:16:15 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/20/2021 09:37:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1081, časové razítko: 0x473ce9d1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1878
ID chybujícího procesu: 0x7a4
Čas spuštění chybující aplikace: 0x01d77d3a10b06ac7
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 4f78c017-3b20-4794-9e05-6b6679397d6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/20/2021 08:25:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x7a4
Čas spuštění chybující aplikace: 0x01d77d2ff1372d22
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 2c732333-bbb8-4a3c-9a99-b0349b9b444c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/20/2021 08:18:35 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 28178414 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 08:18:35 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 28178410 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 06:51:06 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 22925884 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 06:51:06 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 22925866 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 12:08:54 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 353042076 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 12:08:53 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 353040618 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
System errors:
=============
Error: (07/20/2021 09:37:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:24:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:23:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:20:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:15:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:03:11 AM) (Source: DCOM) (EventID: 10000) (User: SAMAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/20/2021 08:50:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 08:30:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
CodeIntegrity:
===============
Date: 2021-07-20 09:39:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-07-20 09:38:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.32.1 05/05/2021
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 16250.02 MB
Available physical RAM: 11888.73 MB
Total Virtual: 18682.02 MB
Available Virtual: 14448.52 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:227.4 GB) (Free:14.73 GB) NTFS
\\?\Volume{de0332c6-1f14-4e35-99c0-8542a53605d8}\ () (Fixed) (Total:0.45 GB) (Free:0.44 GB) NTFS
\\?\Volume{97462f55-a7ca-447c-b4e2-65d0827c5b08}\ () (Fixed) (Total:8.93 GB) (Free:8.33 GB) NTFS
\\?\Volume{09ef245c-85de-4791-93b4-625faf27a057}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.21 GB) NTFS
\\?\Volume{b7d9c426-7bf4-4ee1-819c-2ca92a3ee32d}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3BAAA986)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosba o pomoc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosba o pomoc
Zdravím!
Zkuste obnovu systému k datu, kdy korektně fungoval.
Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosba o pomoc
Zdravím, bohužel nepomohlo. Měl jsem pouze záchytný bod k dnešnímu ránu, zkusil jsem problém zůstává. přidávám aktualizované info FRST
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [976768 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [171320 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hodbo\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\hodbo\AppData\Local\WebEx\ciscowebexstart.exe [4524368 2021-07-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C939ADA-0E56-497F-B06C-D50FBC5421FC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-05-12] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4F7CEF4B-0748-49BA-B3A6-F0756A3819EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {58E7650D-8E4E-4C93-B974-AC6C50238CA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {669F199C-D5A0-4FF2-8E3F-EB94542E90EE} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {70A7D2EC-5EFC-4BE0-8BA8-880DF7FD2591} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118144 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D1CEDC7-EE95-4B8F-B381-812B1290C44D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9BC3FA80-367D-458F-91F4-79267E05DCCE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4950840 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {C95C349D-C729-4ECE-832F-97737FCB9620} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB1718D0-7C70-48FF-B936-6E6BB6F508B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118144 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA7E32A0-12DE-4A17-B678-A4FC7B263F22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F99CBA96-95E2-4F09-9EDC-4E9149851BA6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682424 2021-07-20] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8ec9d281-d237-4ae0-99fd-92d1eaae4b72}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\hodbo\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-20]
FireFox:
========
FF DefaultProfile: mnlrwu64.default
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\bg3l3l82.default-release-1 [2021-07-20]
FF Homepage: Mozilla\Firefox\Profiles\bg3l3l82.default-release-1 -> www.google.com
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\mnlrwu64.default [2021-05-12]
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\qxnuebb2.default-release-1626735768000 [2021-07-20]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [625976 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [374072 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8297584 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056672 2021-07-08] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35872 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [217056 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [366704 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250464 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99440 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [17344 2021-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41488 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [182736 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [524568 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [108000 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83056 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851344 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [472064 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215536 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327696 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVWEBCAM; C:\WINDOWS\System32\drivers\avwebcam.sys [17152 2010-12-02] (AVSOFT CORP. -> Windows (R) Codename Longhorn DDK provider)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2021-07-20] () [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2021-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-20 10:43 - 2021-07-20 10:44 - 000011780 _____ C:\Users\hodbo\Desktop\FRST.txt
2021-07-20 10:43 - 2021-07-20 10:43 - 002300416 _____ (Farbar) C:\Users\hodbo\Desktop\FRST64.exe
2021-07-20 10:41 - 2021-07-05 17:10 - 000340280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-07-20 10:41 - 2016-11-14 07:04 - 003149824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2021-07-20 10:41 - 2016-11-14 07:04 - 002650360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2021-07-20 10:41 - 2016-11-14 07:04 - 001980664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 001132792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtsMFT0.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 000645632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamP64.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 000560640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamP.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 000104448 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamO64.dll
2021-07-20 09:41 - 2021-07-20 10:44 - 000000000 ____D C:\FRST
2021-07-20 08:28 - 2021-07-20 08:28 - 015950640 _____ C:\Users\hodbo\Downloads\webcam-morpher.exe
2021-07-20 08:27 - 2021-07-20 08:27 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Opera Software
2021-07-20 02:18 - 2021-07-20 02:19 - 2077714921 _____ C:\Users\hodbo\Desktop\Čtyřlístek ve službách krále (2004) Cz anim pohádka 720p HD.mkv
2021-07-20 01:40 - 2021-07-20 01:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-20 01:38 - 2021-07-20 08:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-20 01:08 - 2021-07-20 10:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-20 01:08 - 2021-07-20 01:40 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-20 01:08 - 2021-07-20 01:08 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-07-20 01:02 - 2021-07-20 01:02 - 000000000 ____D C:\Users\hodbo\Desktop\Původní data aplikace Firefox
2021-07-19 14:04 - 2021-07-19 14:06 - 1209507866 _____ C:\Users\hodbo\Downloads\Hurvínek a kouzelné muzeum.mkv
2021-07-18 21:20 - 2021-07-18 21:31 - 4042669189 _____ C:\Users\hodbo\Downloads\Oslo.2021.720.cz.dab.mkv
2021-07-18 16:17 - 2021-07-18 16:17 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-18 16:17 - 2021-07-18 16:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-18 16:16 - 2021-07-18 16:16 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-15 22:20 - 2021-07-15 22:25 - 2338121901 _____ C:\Users\hodbo\Downloads\The.Mysterious.Benedict.Society.S01E01.1080p.WEB.H264-EXPLOIT.mkv
2021-07-15 22:19 - 2021-07-15 22:25 - 3938644971 _____ C:\Users\hodbo\Downloads\Van-Helsing 2004 CZ 1080p Hd.mkv
2021-07-15 22:11 - 2021-07-15 22:15 - 102416610 _____ C:\Users\hodbo\Downloads\Zamena.1983.1080p.BluRay.x265.AC3.CZ.dabing.mkv
2021-07-15 16:18 - 2021-07-15 16:23 - 2169790142 _____ C:\Users\hodbo\Downloads\Geniální.přítelkyně.02.1080i.H265.HDTV.CZ.rar
2021-07-15 09:12 - 2021-07-15 09:12 - 000000165 ____H C:\Users\hodbo\Desktop\~$Personál.xlsx
2021-07-14 14:46 - 2021-07-14 14:46 - 000000000 ____D C:\ProgramData\Glarysoft
2021-07-14 14:44 - 2021-07-20 00:31 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\GlarySoft
2021-07-14 14:44 - 2021-07-14 14:44 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2021-07-14 14:44 - 2021-07-14 14:44 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\DiskDefrag
2021-07-14 14:15 - 2021-07-14 14:16 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Zoom
2021-07-14 12:27 - 2021-07-14 12:27 - 000000000 ____D C:\WINDOWS\Panther
2021-07-11 20:13 - 2021-07-11 21:00 - 868655695 _____ C:\Users\hodbo\Downloads\Swing (2002).rar
2021-07-09 23:02 - 2021-07-09 23:06 - 1583357637 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E06.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:02 - 2021-07-09 23:06 - 1442546634 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E05.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:02 - 2021-07-09 23:05 - 1277699793 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E03.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:00 - 2021-07-09 23:02 - 1182875212 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E04.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:58 - 2021-07-09 23:00 - 1243523501 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E02.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:57 - 2021-07-09 23:00 - 1455147266 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E01.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:28 - 2021-07-09 22:30 - 1991649158 _____ C:\Users\hodbo\Downloads\Jeden za vsechny - Uno.para.todos.2020.720p.HDTV.CZ.dabing.mkv
2021-07-09 20:49 - 2021-07-09 20:54 - 1908939548 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e08.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:49 - 2021-07-09 20:53 - 1538325357 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e09.Film.o.Filme.2020.WEB-DL.(1080p).Getty.mkv
2021-07-09 20:48 - 2021-07-09 20:53 - 1814705909 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e07.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:48 - 2021-07-09 20:53 - 1621863145 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e06.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:46 - 2021-07-09 20:51 - 1645229629 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e05.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 13:59 - 2021-07-09 14:03 - 000143872 _____ C:\Users\hodbo\Downloads\PZ-pololeti-AT-pece-2021.xls
2021-07-08 22:54 - 2021-07-09 20:49 - 1998946577 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e01.2020.WEB-DL.1080.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:49 - 1808876817 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e02.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:48 - 1555966138 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e03.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:48 - 1499176897 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e04.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 21:40 - 2021-07-09 20:46 - 4016420061 _____ C:\Users\hodbo\Downloads\Tridni boj - La.Lutte.des.classes.2019.1080p.WEBRip.CZ.dabing.mkv
2021-07-07 12:31 - 2021-07-07 12:31 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 12:31 - 2021-07-07 12:31 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 12:31 - 2021-07-07 12:31 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 12:31 - 2021-07-07 12:31 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 12:31 - 2021-07-07 12:31 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-07 12:30 - 2021-07-07 12:30 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 12:26 - 2021-07-20 00:31 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-07-05 23:15 - 2021-07-06 13:29 - 2524171820 _____ C:\Users\hodbo\Downloads\Kapitalky - Uppercase.Print.2020.720p.HDTV.CZ.dabing.mkv
2021-07-05 23:12 - 2021-07-06 13:39 - 024606752 _____ C:\Users\hodbo\Downloads\Tokijsti kmotri - Tokyo.Godfathers.2003.1080p.BluRay.CZ.dabing.mkv
2021-07-05 23:09 - 2021-07-06 13:22 - 2312486332 _____ C:\Users\hodbo\Downloads\Amerika Film - America.The.Motion.Picture.2021.1080p.WEBRip.CZ.dabing.5.1.mkv
2021-07-05 23:06 - 2021-07-06 13:31 - 3252343721 _____ C:\Users\hodbo\Downloads\The.Tomorrow.War.2021.1080p.WEBRip.CZ.dabing.5.1.mkv
2021-07-05 17:10 - 2021-07-05 17:10 - 000215536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-07-05 16:06 - 2021-07-20 09:27 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebCam Morpher
2021-07-05 16:05 - 2010-12-02 18:17 - 000017152 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\avwebcam.sys
2021-06-26 13:21 - 2021-06-26 13:21 - 000147820 _____ C:\Users\hodbo\Downloads\CertifikatTestu.pdf
2021-06-26 13:21 - 2021-06-26 13:21 - 000145169 _____ C:\Users\hodbo\Downloads\OckovaciCertifikat.pdf
2021-06-26 13:08 - 2021-06-26 13:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-06-26 10:58 - 2021-06-26 10:58 - 000328269 _____ C:\Users\hodbo\Downloads\Jaroslav Hodboď.pdf
2021-06-26 10:58 - 2021-06-26 10:58 - 000328058 _____ C:\Users\hodbo\Downloads\Kateřina Hodboďová.pdf
2021-06-25 13:29 - 2021-06-25 13:29 - 000602387 _____ C:\Users\hodbo\Downloads\Stanovy.pdf
2021-06-25 11:53 - 2021-06-25 11:53 - 000081473 _____ C:\Users\hodbo\Desktop\Faktura_210100002.pdf
2021-06-25 11:53 - 2021-06-25 11:53 - 000005533 _____ C:\Users\hodbo\Desktop\Faktura_210100002.isdoc
2021-06-25 11:53 - 2021-06-25 11:53 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\STORMWARE
2021-06-25 11:34 - 2021-06-25 11:34 - 000002138 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA 2021 START.lnk
2021-06-25 11:34 - 2021-06-25 11:34 - 000000000 ____D C:\ProgramData\STORMWARE
2021-06-25 11:34 - 2021-06-25 11:34 - 000000000 ____D C:\Program Files (x86)\STORMWARE
2021-06-25 11:33 - 2021-06-25 11:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-25 11:18 - 2021-06-25 11:20 - 220674880 _____ C:\Users\hodbo\Downloads\SetupPohodaCZ_Start_12802.exe
2021-06-24 08:08 - 2021-06-24 08:08 - 001686975 _____ C:\Users\hodbo\Downloads\MU-BP-2015-Hajduk-David-Hajduk_David_BP.pdf
2021-06-22 13:18 - 2021-06-22 13:18 - 000031245 _____ C:\Users\hodbo\Desktop\Kopie - vzdělávání 2021 all CARE.xlsx
2021-06-20 23:31 - 2021-06-20 23:53 - 1980332604 _____ C:\Users\hodbo\Downloads\Laska na kari - Kom.Drama -USA - 2014- cz dab_2.mkv
2021-06-20 23:22 - 2021-06-20 23:47 - 2071412988 _____ C:\Users\hodbo\Downloads\Velká ryba - Big Fish CZdabing 2003 Fanstasy Dobrodružný.mkv
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-20 10:45 - 2021-05-12 00:42 - 000000000 ____D C:\Users\hodbo\AppData\Local\Packages
2021-07-20 10:44 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-20 10:42 - 2021-05-12 01:19 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-20 10:42 - 2021-05-12 00:58 - 000000000 ____D C:\Program Files\CCleaner
2021-07-20 10:42 - 2021-05-12 00:57 - 000000000 ____D C:\ProgramData\AVG
2021-07-20 10:42 - 2021-05-12 00:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-20 10:41 - 2021-05-12 01:19 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-20 10:41 - 2021-05-12 01:18 - 000000000 ____D C:\WINDOWS\INF
2021-07-20 10:41 - 2021-05-12 00:58 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-07-20 10:41 - 2021-05-12 00:29 - 000000000 ____D C:\Program Files\Realtek
2021-07-20 10:41 - 2020-12-09 19:47 - 000000000 ____D C:\Users\hodbo\AppData\LocalLow\Mozilla
2021-07-20 10:41 - 2020-12-09 13:05 - 000000000 ___RD C:\Users\hodbo\OneDrive
2021-07-20 10:40 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-20 10:40 - 2021-05-12 00:32 - 000000000 ____D C:\Users\hodbo
2021-07-20 10:40 - 2021-05-12 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-20 10:40 - 2020-12-09 13:03 - 000000000 __SHD C:\Users\hodbo\IntelGraphicsProfiles
2021-07-20 10:40 - 2020-12-09 12:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-20 10:40 - 2020-12-09 12:42 - 000000000 ____D C:\Intel
2021-07-20 10:39 - 2021-05-17 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft AVI Repair
2021-07-20 10:39 - 2021-05-17 23:54 - 000000000 ____D C:\Program Files (x86)\Jihosoft
2021-07-20 10:39 - 2021-05-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-07-20 10:39 - 2021-05-17 23:14 - 000000000 ____D C:\Program Files\Recuva
2021-07-20 10:39 - 2021-05-12 00:32 - 000000000 ____D C:\Users\defaultuser100000.SAMAN
2021-07-20 10:37 - 2021-05-12 01:19 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-20 10:36 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\registration
2021-07-20 10:31 - 2021-05-12 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-20 09:15 - 2021-05-12 01:14 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-20 08:58 - 2021-05-12 01:21 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-20 08:58 - 2021-05-12 01:21 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-20 08:58 - 2021-05-12 00:41 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-20 08:24 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-20 08:18 - 2021-05-13 00:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-07-20 08:18 - 2021-05-12 00:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-20 08:18 - 2021-05-12 00:58 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-07-20 08:18 - 2021-05-12 00:49 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\vlc
2021-07-20 08:18 - 2021-05-12 00:44 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-866693231-3887322836-1461819324-1001
2021-07-20 08:18 - 2021-05-12 00:29 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-20 08:18 - 2021-05-12 00:29 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-20 02:19 - 2021-05-14 22:23 - 000000000 ____D C:\Program Files (x86)\FastShare
2021-07-20 00:30 - 2021-05-12 00:32 - 000002379 _____ C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-20 00:29 - 2021-05-12 00:28 - 000524504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-20 00:29 - 2020-12-21 14:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-20 00:29 - 2020-12-21 14:46 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-19 04:11 - 2021-05-13 13:02 - 000000000 ____D C:\Users\hodbo\AppData\Local\WebEx
2021-07-19 01:46 - 2021-05-12 00:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-07-18 16:27 - 2021-05-12 01:15 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-18 16:03 - 2021-01-27 10:48 - 000000000 ____D C:\Users\hodbo\AppData\LocalLow\WebEx
2021-07-18 16:00 - 2020-12-09 15:24 - 000000000 ___HD C:\$WinREAgent
2021-07-16 23:40 - 2021-05-13 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 23:38 - 2021-05-13 03:12 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 10:58 - 2020-12-09 19:22 - 000002336 ____H C:\Users\hodbo\Documents\Default.rdp
2021-07-15 19:06 - 2020-12-29 10:44 - 000000000 ____D C:\Users\hodbo\Documents\Šablony
2021-07-14 14:34 - 2021-05-12 00:56 - 000000000 ____D C:\ProgramData\Adobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-12 20:16 - 2021-05-26 08:44 - 000000000 ____D C:\Users\hodbo\AppData\Local\D3DSCache
2021-07-09 21:48 - 2021-05-12 00:51 - 000002366 _____ C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-07-09 21:48 - 2021-05-12 00:50 - 000002358 _____ C:\Users\hodbo\Desktop\Microsoft Teams.lnk
2021-07-08 14:21 - 2020-10-12 13:24 - 000031392 _____ C:\Users\hodbo\Desktop\Personál.xlsx
2021-07-07 12:17 - 2021-05-12 00:59 - 000002001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2021-07-07 12:17 - 2021-05-12 00:59 - 000001989 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2021-07-07 12:16 - 2021-05-12 01:19 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-07 12:16 - 2021-05-12 00:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-05 17:10 - 2021-05-12 00:58 - 000851344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000524568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000472064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000366704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000327696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000250464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000217056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000182736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000108000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000099440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000083056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000041488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000035872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-07-05 16:08 - 2021-05-12 00:42 - 000000000 ____D C:\Users\hodbo\AppData\Local\VirtualStore
2021-06-25 11:34 - 2021-04-25 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2021-06-23 10:09 - 2021-06-11 10:02 - 000358894 _____ C:\Users\hodbo\Desktop\KK_Děti.pptx
==================== Files in the root of some directories ========
2021-05-26 08:44 - 2021-05-26 08:44 - 006922240 _____ () C:\Program Files (x86)\GUT5555.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by hodbo (20-07-2021 10:46:21)
Running from C:\Users\hodbo\Desktop
Windows 10 Home Version 21H1 19043.1110 (X64) (2021-05-11 22:42:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-866693231-3887322836-1461819324-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-866693231-3887322836-1461819324-503 - Limited - Disabled)
Guest (S-1-5-21-866693231-3887322836-1461819324-501 - Limited - Disabled)
hodbo (S-1-5-21-866693231-3887322836-1461819324-1001 - Administrator - Enabled) => C:\Users\hodbo
WDAGUtilityAccount (S-1-5-21-866693231-3887322836-1461819324-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.5.3185 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\ActiveTouchMeetingClient) (Version: 41.7.4 - Cisco Webex LLC)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Jihosoft AVI Repair version 1.0.0.8 (HKLM-x32\...\{83E9A6A4-A5E1-48F1-9DAE-E82E9ECDBB41}_is1) (Version: 1.0.0.8 - Jihosoft Studio)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.70 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14131.20320 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.1 (x64 cs)) (Version: 90.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
STORMWARE POHODA Start CZ (HKLM-x32\...\{B3DDCA86-6369-43B8-B10F-6F4F47259D92}) (Version: 12802.6 - STORMWARE)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
WhatsApp (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\WhatsApp) (Version: 2.2119.6 - WhatsApp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)
Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\dellinc.dellsupportassistforpcs_3.9.11.0_x64__htrsf667h5kn2 [2021-07-07] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-20] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-07] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-866693231-3887322836-1461819324-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\hodbo\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-866693231-3887322836-1461819324-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hodbo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_25477efa0de18af8\igfxDTCM.dll [2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\sharepoint.com -> hxxps://fokusmb-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-05-12 01:19 - 2021-05-12 01:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hodbo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0FC622C0-4131-4FC1-B35C-8878682510D8}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A3CF28F8-0F0C-4A91-8529-6C91B74E81D1}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C70B3F24-659E-4FFE-B59B-89167DCC4226}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5C46C1E0-6310-494E-84EA-EEBB089E3F11}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3193CA7C-8D1D-4BA8-80F9-B7BA12609CC1}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2FDD5F7B-B376-4465-B845-B2C576AB426C}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A7F46F-27F3-4414-9565-0C8607C5531D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E491984-B201-49F7-9401-D8196E1E9DB5}] => (Allow) C:\Users\hodbo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2D30E4D9-761A-412A-98E0-BF515E097EE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A28358A4-4AAC-4D55-AFB3-AA969FF483A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AE1D522-C092-437B-861C-AE68BCC2770B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22B59C3D-8EC7-4CE2-8206-1A8A99F9DFA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3B745DD8-1368-485F-B72D-E765F5449B20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B97258ED-3CAD-4D30-8C5D-D3F9BC32E7EC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-07-2021 09:16:15 Windows Update
20-07-2021 10:34:24 Operace obnovení
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/20/2021 10:44:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:44:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:44:40 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:44:40 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:40:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4564,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU00850.log došlo k chybě -1811 (0xfffff8ed).
Error: (07/20/2021 10:31:55 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 3286951 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 10:31:55 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 3286945 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 09:37:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1081, časové razítko: 0x473ce9d1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1878
ID chybujícího procesu: 0x7a4
Čas spuštění chybující aplikace: 0x01d77d3a10b06ac7
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 4f78c017-3b20-4794-9e05-6b6679397d6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/20/2021 10:40:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:37:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:24:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:23:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:20:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:15:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:03:11 AM) (Source: DCOM) (EventID: 10000) (User: SAMAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/20/2021 08:50:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
CodeIntegrity:
===============
Date: 2021-07-20 10:42:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-07-20 10:42:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-07-20 10:42:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.32.1 05/05/2021
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 16250.02 MB
Available physical RAM: 10836.96 MB
Total Virtual: 18682.02 MB
Available Virtual: 13492.41 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:227.4 GB) (Free:13.01 GB) NTFS
\\?\Volume{de0332c6-1f14-4e35-99c0-8542a53605d8}\ () (Fixed) (Total:0.45 GB) (Free:0.44 GB) NTFS
\\?\Volume{97462f55-a7ca-447c-b4e2-65d0827c5b08}\ () (Fixed) (Total:8.93 GB) (Free:8.33 GB) NTFS
\\?\Volume{09ef245c-85de-4791-93b4-625faf27a057}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.21 GB) NTFS
\\?\Volume{b7d9c426-7bf4-4ee1-819c-2ca92a3ee32d}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3BAAA986)
Partition: GPT.
==================== End of Addition.txt =======================
==================== End of FRST.txt ========================
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [976768 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [171320 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hodbo\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\hodbo\AppData\Local\WebEx\ciscowebexstart.exe [4524368 2021-07-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C939ADA-0E56-497F-B06C-D50FBC5421FC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-05-12] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4F7CEF4B-0748-49BA-B3A6-F0756A3819EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {58E7650D-8E4E-4C93-B974-AC6C50238CA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {669F199C-D5A0-4FF2-8E3F-EB94542E90EE} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {70A7D2EC-5EFC-4BE0-8BA8-880DF7FD2591} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118144 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D1CEDC7-EE95-4B8F-B381-812B1290C44D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9BC3FA80-367D-458F-91F4-79267E05DCCE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4950840 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {C95C349D-C729-4ECE-832F-97737FCB9620} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB1718D0-7C70-48FF-B936-6E6BB6F508B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118144 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA7E32A0-12DE-4A17-B678-A4FC7B263F22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F99CBA96-95E2-4F09-9EDC-4E9149851BA6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682424 2021-07-20] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8ec9d281-d237-4ae0-99fd-92d1eaae4b72}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\hodbo\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-20]
FireFox:
========
FF DefaultProfile: mnlrwu64.default
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\bg3l3l82.default-release-1 [2021-07-20]
FF Homepage: Mozilla\Firefox\Profiles\bg3l3l82.default-release-1 -> www.google.com
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\mnlrwu64.default [2021-05-12]
FF ProfilePath: C:\Users\hodbo\AppData\Roaming\Mozilla\Firefox\Profiles\qxnuebb2.default-release-1626735768000 [2021-07-20]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [625976 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [374072 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8297584 2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056672 2021-07-08] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35872 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [217056 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [366704 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250464 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99440 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [17344 2021-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41488 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [182736 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [524568 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [108000 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83056 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851344 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [472064 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215536 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327696 2021-07-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVWEBCAM; C:\WINDOWS\System32\drivers\avwebcam.sys [17152 2010-12-02] (AVSOFT CORP. -> Windows (R) Codename Longhorn DDK provider)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2021-07-20] () [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2021-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2021-07-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-20 10:43 - 2021-07-20 10:44 - 000011780 _____ C:\Users\hodbo\Desktop\FRST.txt
2021-07-20 10:43 - 2021-07-20 10:43 - 002300416 _____ (Farbar) C:\Users\hodbo\Desktop\FRST64.exe
2021-07-20 10:41 - 2021-07-05 17:10 - 000340280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-07-20 10:41 - 2016-11-14 07:04 - 003149824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2021-07-20 10:41 - 2016-11-14 07:04 - 002650360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2021-07-20 10:41 - 2016-11-14 07:04 - 001980664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 001132792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtsMFT0.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 000645632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamP64.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 000560640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamP.dll
2021-07-20 10:41 - 2016-11-14 07:04 - 000104448 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamO64.dll
2021-07-20 09:41 - 2021-07-20 10:44 - 000000000 ____D C:\FRST
2021-07-20 08:28 - 2021-07-20 08:28 - 015950640 _____ C:\Users\hodbo\Downloads\webcam-morpher.exe
2021-07-20 08:27 - 2021-07-20 08:27 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Opera Software
2021-07-20 02:18 - 2021-07-20 02:19 - 2077714921 _____ C:\Users\hodbo\Desktop\Čtyřlístek ve službách krále (2004) Cz anim pohádka 720p HD.mkv
2021-07-20 01:40 - 2021-07-20 01:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-20 01:38 - 2021-07-20 08:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-20 01:08 - 2021-07-20 10:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-20 01:08 - 2021-07-20 01:40 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-20 01:08 - 2021-07-20 01:08 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-07-20 01:02 - 2021-07-20 01:02 - 000000000 ____D C:\Users\hodbo\Desktop\Původní data aplikace Firefox
2021-07-19 14:04 - 2021-07-19 14:06 - 1209507866 _____ C:\Users\hodbo\Downloads\Hurvínek a kouzelné muzeum.mkv
2021-07-18 21:20 - 2021-07-18 21:31 - 4042669189 _____ C:\Users\hodbo\Downloads\Oslo.2021.720.cz.dab.mkv
2021-07-18 16:17 - 2021-07-18 16:17 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-07-18 16:17 - 2021-07-18 16:17 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-18 16:17 - 2021-07-18 16:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-18 16:17 - 2021-07-18 16:17 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-18 16:16 - 2021-07-18 16:16 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-15 22:20 - 2021-07-15 22:25 - 2338121901 _____ C:\Users\hodbo\Downloads\The.Mysterious.Benedict.Society.S01E01.1080p.WEB.H264-EXPLOIT.mkv
2021-07-15 22:19 - 2021-07-15 22:25 - 3938644971 _____ C:\Users\hodbo\Downloads\Van-Helsing 2004 CZ 1080p Hd.mkv
2021-07-15 22:11 - 2021-07-15 22:15 - 102416610 _____ C:\Users\hodbo\Downloads\Zamena.1983.1080p.BluRay.x265.AC3.CZ.dabing.mkv
2021-07-15 16:18 - 2021-07-15 16:23 - 2169790142 _____ C:\Users\hodbo\Downloads\Geniální.přítelkyně.02.1080i.H265.HDTV.CZ.rar
2021-07-15 09:12 - 2021-07-15 09:12 - 000000165 ____H C:\Users\hodbo\Desktop\~$Personál.xlsx
2021-07-14 14:46 - 2021-07-14 14:46 - 000000000 ____D C:\ProgramData\Glarysoft
2021-07-14 14:44 - 2021-07-20 00:31 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\GlarySoft
2021-07-14 14:44 - 2021-07-14 14:44 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2021-07-14 14:44 - 2021-07-14 14:44 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\DiskDefrag
2021-07-14 14:15 - 2021-07-14 14:16 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Zoom
2021-07-14 12:27 - 2021-07-14 12:27 - 000000000 ____D C:\WINDOWS\Panther
2021-07-11 20:13 - 2021-07-11 21:00 - 868655695 _____ C:\Users\hodbo\Downloads\Swing (2002).rar
2021-07-09 23:02 - 2021-07-09 23:06 - 1583357637 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E06.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:02 - 2021-07-09 23:06 - 1442546634 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E05.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:02 - 2021-07-09 23:05 - 1277699793 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E03.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 23:00 - 2021-07-09 23:02 - 1182875212 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E04.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:58 - 2021-07-09 23:00 - 1243523501 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E02.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:57 - 2021-07-09 23:00 - 1455147266 _____ C:\Users\hodbo\Downloads\Trese Strážkyně světů - Trese.S01E01.1080p.NF.WEB-DL.DDP5.1.x264-T4H (CZ Titulky).mkv
2021-07-09 22:28 - 2021-07-09 22:30 - 1991649158 _____ C:\Users\hodbo\Downloads\Jeden za vsechny - Uno.para.todos.2020.720p.HDTV.CZ.dabing.mkv
2021-07-09 20:49 - 2021-07-09 20:54 - 1908939548 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e08.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:49 - 2021-07-09 20:53 - 1538325357 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e09.Film.o.Filme.2020.WEB-DL.(1080p).Getty.mkv
2021-07-09 20:48 - 2021-07-09 20:53 - 1814705909 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e07.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:48 - 2021-07-09 20:53 - 1621863145 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e06.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 20:46 - 2021-07-09 20:51 - 1645229629 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e05.2020.WEB-DL.1080.cz.tit.mkv
2021-07-09 13:59 - 2021-07-09 14:03 - 000143872 _____ C:\Users\hodbo\Downloads\PZ-pololeti-AT-pece-2021.xls
2021-07-08 22:54 - 2021-07-09 20:49 - 1998946577 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e01.2020.WEB-DL.1080.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:49 - 1808876817 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e02.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:48 - 1555966138 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e03.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 22:54 - 2021-07-09 20:48 - 1499176897 _____ C:\Users\hodbo\Downloads\Pereval.Dyatlova.e04.2020.WEB-DL.1080p.cz.tit.mkv
2021-07-08 21:40 - 2021-07-09 20:46 - 4016420061 _____ C:\Users\hodbo\Downloads\Tridni boj - La.Lutte.des.classes.2019.1080p.WEBRip.CZ.dabing.mkv
2021-07-07 12:31 - 2021-07-07 12:31 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 12:31 - 2021-07-07 12:31 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 12:31 - 2021-07-07 12:31 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 12:31 - 2021-07-07 12:31 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 12:31 - 2021-07-07 12:31 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 12:31 - 2021-07-07 12:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-07 12:30 - 2021-07-07 12:30 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 12:26 - 2021-07-20 00:31 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-07-05 23:15 - 2021-07-06 13:29 - 2524171820 _____ C:\Users\hodbo\Downloads\Kapitalky - Uppercase.Print.2020.720p.HDTV.CZ.dabing.mkv
2021-07-05 23:12 - 2021-07-06 13:39 - 024606752 _____ C:\Users\hodbo\Downloads\Tokijsti kmotri - Tokyo.Godfathers.2003.1080p.BluRay.CZ.dabing.mkv
2021-07-05 23:09 - 2021-07-06 13:22 - 2312486332 _____ C:\Users\hodbo\Downloads\Amerika Film - America.The.Motion.Picture.2021.1080p.WEBRip.CZ.dabing.5.1.mkv
2021-07-05 23:06 - 2021-07-06 13:31 - 3252343721 _____ C:\Users\hodbo\Downloads\The.Tomorrow.War.2021.1080p.WEBRip.CZ.dabing.5.1.mkv
2021-07-05 17:10 - 2021-07-05 17:10 - 000215536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-07-05 16:06 - 2021-07-20 09:27 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebCam Morpher
2021-07-05 16:05 - 2010-12-02 18:17 - 000017152 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\avwebcam.sys
2021-06-26 13:21 - 2021-06-26 13:21 - 000147820 _____ C:\Users\hodbo\Downloads\CertifikatTestu.pdf
2021-06-26 13:21 - 2021-06-26 13:21 - 000145169 _____ C:\Users\hodbo\Downloads\OckovaciCertifikat.pdf
2021-06-26 13:08 - 2021-06-26 13:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-06-26 10:58 - 2021-06-26 10:58 - 000328269 _____ C:\Users\hodbo\Downloads\Jaroslav Hodboď.pdf
2021-06-26 10:58 - 2021-06-26 10:58 - 000328058 _____ C:\Users\hodbo\Downloads\Kateřina Hodboďová.pdf
2021-06-25 13:29 - 2021-06-25 13:29 - 000602387 _____ C:\Users\hodbo\Downloads\Stanovy.pdf
2021-06-25 11:53 - 2021-06-25 11:53 - 000081473 _____ C:\Users\hodbo\Desktop\Faktura_210100002.pdf
2021-06-25 11:53 - 2021-06-25 11:53 - 000005533 _____ C:\Users\hodbo\Desktop\Faktura_210100002.isdoc
2021-06-25 11:53 - 2021-06-25 11:53 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\STORMWARE
2021-06-25 11:34 - 2021-06-25 11:34 - 000002138 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA 2021 START.lnk
2021-06-25 11:34 - 2021-06-25 11:34 - 000000000 ____D C:\ProgramData\STORMWARE
2021-06-25 11:34 - 2021-06-25 11:34 - 000000000 ____D C:\Program Files (x86)\STORMWARE
2021-06-25 11:33 - 2021-06-25 11:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-25 11:18 - 2021-06-25 11:20 - 220674880 _____ C:\Users\hodbo\Downloads\SetupPohodaCZ_Start_12802.exe
2021-06-24 08:08 - 2021-06-24 08:08 - 001686975 _____ C:\Users\hodbo\Downloads\MU-BP-2015-Hajduk-David-Hajduk_David_BP.pdf
2021-06-22 13:18 - 2021-06-22 13:18 - 000031245 _____ C:\Users\hodbo\Desktop\Kopie - vzdělávání 2021 all CARE.xlsx
2021-06-20 23:31 - 2021-06-20 23:53 - 1980332604 _____ C:\Users\hodbo\Downloads\Laska na kari - Kom.Drama -USA - 2014- cz dab_2.mkv
2021-06-20 23:22 - 2021-06-20 23:47 - 2071412988 _____ C:\Users\hodbo\Downloads\Velká ryba - Big Fish CZdabing 2003 Fanstasy Dobrodružný.mkv
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-20 10:45 - 2021-05-12 00:42 - 000000000 ____D C:\Users\hodbo\AppData\Local\Packages
2021-07-20 10:44 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-20 10:42 - 2021-05-12 01:19 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-20 10:42 - 2021-05-12 00:58 - 000000000 ____D C:\Program Files\CCleaner
2021-07-20 10:42 - 2021-05-12 00:57 - 000000000 ____D C:\ProgramData\AVG
2021-07-20 10:42 - 2021-05-12 00:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-20 10:41 - 2021-05-12 01:19 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-20 10:41 - 2021-05-12 01:18 - 000000000 ____D C:\WINDOWS\INF
2021-07-20 10:41 - 2021-05-12 00:58 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-07-20 10:41 - 2021-05-12 00:29 - 000000000 ____D C:\Program Files\Realtek
2021-07-20 10:41 - 2020-12-09 19:47 - 000000000 ____D C:\Users\hodbo\AppData\LocalLow\Mozilla
2021-07-20 10:41 - 2020-12-09 13:05 - 000000000 ___RD C:\Users\hodbo\OneDrive
2021-07-20 10:40 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-20 10:40 - 2021-05-12 00:32 - 000000000 ____D C:\Users\hodbo
2021-07-20 10:40 - 2021-05-12 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-20 10:40 - 2020-12-09 13:03 - 000000000 __SHD C:\Users\hodbo\IntelGraphicsProfiles
2021-07-20 10:40 - 2020-12-09 12:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-20 10:40 - 2020-12-09 12:42 - 000000000 ____D C:\Intel
2021-07-20 10:39 - 2021-05-17 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft AVI Repair
2021-07-20 10:39 - 2021-05-17 23:54 - 000000000 ____D C:\Program Files (x86)\Jihosoft
2021-07-20 10:39 - 2021-05-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-07-20 10:39 - 2021-05-17 23:14 - 000000000 ____D C:\Program Files\Recuva
2021-07-20 10:39 - 2021-05-12 00:32 - 000000000 ____D C:\Users\defaultuser100000.SAMAN
2021-07-20 10:37 - 2021-05-12 01:19 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-20 10:36 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\registration
2021-07-20 10:31 - 2021-05-12 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-20 09:15 - 2021-05-12 01:14 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-20 08:58 - 2021-05-12 01:21 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-20 08:58 - 2021-05-12 01:21 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-20 08:58 - 2021-05-12 00:41 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-20 08:24 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-20 08:18 - 2021-05-13 00:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-07-20 08:18 - 2021-05-12 00:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-20 08:18 - 2021-05-12 00:58 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-07-20 08:18 - 2021-05-12 00:49 - 000000000 ____D C:\Users\hodbo\AppData\Roaming\vlc
2021-07-20 08:18 - 2021-05-12 00:44 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-866693231-3887322836-1461819324-1001
2021-07-20 08:18 - 2021-05-12 00:29 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-20 08:18 - 2021-05-12 00:29 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-20 02:19 - 2021-05-14 22:23 - 000000000 ____D C:\Program Files (x86)\FastShare
2021-07-20 00:30 - 2021-05-12 00:32 - 000002379 _____ C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-20 00:29 - 2021-05-12 00:28 - 000524504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-20 00:29 - 2020-12-21 14:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-20 00:29 - 2020-12-21 14:46 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-20 00:28 - 2021-05-12 01:19 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-19 04:11 - 2021-05-13 13:02 - 000000000 ____D C:\Users\hodbo\AppData\Local\WebEx
2021-07-19 01:46 - 2021-05-12 00:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-07-18 16:27 - 2021-05-12 01:15 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-18 16:03 - 2021-01-27 10:48 - 000000000 ____D C:\Users\hodbo\AppData\LocalLow\WebEx
2021-07-18 16:00 - 2020-12-09 15:24 - 000000000 ___HD C:\$WinREAgent
2021-07-16 23:40 - 2021-05-13 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 23:38 - 2021-05-13 03:12 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 10:58 - 2020-12-09 19:22 - 000002336 ____H C:\Users\hodbo\Documents\Default.rdp
2021-07-15 19:06 - 2020-12-29 10:44 - 000000000 ____D C:\Users\hodbo\Documents\Šablony
2021-07-14 14:34 - 2021-05-12 00:56 - 000000000 ____D C:\ProgramData\Adobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-14 12:26 - 2021-05-12 01:19 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-12 20:16 - 2021-05-26 08:44 - 000000000 ____D C:\Users\hodbo\AppData\Local\D3DSCache
2021-07-09 21:48 - 2021-05-12 00:51 - 000002366 _____ C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-07-09 21:48 - 2021-05-12 00:50 - 000002358 _____ C:\Users\hodbo\Desktop\Microsoft Teams.lnk
2021-07-08 14:21 - 2020-10-12 13:24 - 000031392 _____ C:\Users\hodbo\Desktop\Personál.xlsx
2021-07-07 12:17 - 2021-05-12 00:59 - 000002001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2021-07-07 12:17 - 2021-05-12 00:59 - 000001989 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2021-07-07 12:16 - 2021-05-12 01:19 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-07 12:16 - 2021-05-12 00:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-05 17:10 - 2021-05-12 00:58 - 000851344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000524568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000472064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000366704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000327696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000250464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000217056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000182736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000108000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000099440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000083056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000041488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-07-05 17:10 - 2021-05-12 00:58 - 000035872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-07-05 16:08 - 2021-05-12 00:42 - 000000000 ____D C:\Users\hodbo\AppData\Local\VirtualStore
2021-06-25 11:34 - 2021-04-25 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2021-06-23 10:09 - 2021-06-11 10:02 - 000358894 _____ C:\Users\hodbo\Desktop\KK_Děti.pptx
==================== Files in the root of some directories ========
2021-05-26 08:44 - 2021-05-26 08:44 - 006922240 _____ () C:\Program Files (x86)\GUT5555.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by hodbo (20-07-2021 10:46:21)
Running from C:\Users\hodbo\Desktop
Windows 10 Home Version 21H1 19043.1110 (X64) (2021-05-11 22:42:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-866693231-3887322836-1461819324-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-866693231-3887322836-1461819324-503 - Limited - Disabled)
Guest (S-1-5-21-866693231-3887322836-1461819324-501 - Limited - Disabled)
hodbo (S-1-5-21-866693231-3887322836-1461819324-1001 - Administrator - Enabled) => C:\Users\hodbo
WDAGUtilityAccount (S-1-5-21-866693231-3887322836-1461819324-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.5.3185 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\ActiveTouchMeetingClient) (Version: 41.7.4 - Cisco Webex LLC)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Jihosoft AVI Repair version 1.0.0.8 (HKLM-x32\...\{83E9A6A4-A5E1-48F1-9DAE-E82E9ECDBB41}_is1) (Version: 1.0.0.8 - Jihosoft Studio)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.70 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14131.20320 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.1 (x64 cs)) (Version: 90.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
STORMWARE POHODA Start CZ (HKLM-x32\...\{B3DDCA86-6369-43B8-B10F-6F4F47259D92}) (Version: 12802.6 - STORMWARE)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
WhatsApp (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\WhatsApp) (Version: 2.2119.6 - WhatsApp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)
Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\dellinc.dellsupportassistforpcs_3.9.11.0_x64__htrsf667h5kn2 [2021-07-07] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-20] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-07] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-866693231-3887322836-1461819324-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\hodbo\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-866693231-3887322836-1461819324-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hodbo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_25477efa0de18af8\igfxDTCM.dll [2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-07-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\hodbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-01] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\sharepoint.com -> hxxps://fokusmb-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-05-12 01:19 - 2021-05-12 01:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hodbo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-866693231-3887322836-1461819324-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0FC622C0-4131-4FC1-B35C-8878682510D8}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A3CF28F8-0F0C-4A91-8529-6C91B74E81D1}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C70B3F24-659E-4FFE-B59B-89167DCC4226}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5C46C1E0-6310-494E-84EA-EEBB089E3F11}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3193CA7C-8D1D-4BA8-80F9-B7BA12609CC1}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2FDD5F7B-B376-4465-B845-B2C576AB426C}C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hodbo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0A7F46F-27F3-4414-9565-0C8607C5531D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E491984-B201-49F7-9401-D8196E1E9DB5}] => (Allow) C:\Users\hodbo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2D30E4D9-761A-412A-98E0-BF515E097EE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A28358A4-4AAC-4D55-AFB3-AA969FF483A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AE1D522-C092-437B-861C-AE68BCC2770B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22B59C3D-8EC7-4CE2-8206-1A8A99F9DFA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3B745DD8-1368-485F-B72D-E765F5449B20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B97258ED-3CAD-4D30-8C5D-D3F9BC32E7EC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-07-2021 09:16:15 Windows Update
20-07-2021 10:34:24 Operace obnovení
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/20/2021 10:44:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:44:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:44:40 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:44:40 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SAMAN)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147024893
Error: (07/20/2021 10:40:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4564,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU00850.log došlo k chybě -1811 (0xfffff8ed).
Error: (07/20/2021 10:31:55 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 3286951 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 10:31:55 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 3286945 ms
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]
Policy: Passive Policy [1]
Error: (07/20/2021 09:37:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1081, časové razítko: 0x473ce9d1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1878
ID chybujícího procesu: 0x7a4
Čas spuštění chybující aplikace: 0x01d77d3a10b06ac7
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 4f78c017-3b20-4794-9e05-6b6679397d6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/20/2021 10:40:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:37:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:24:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:23:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:20:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:15:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (07/20/2021 09:03:11 AM) (Source: DCOM) (EventID: 10000) (User: SAMAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/20/2021 08:50:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vcs neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
CodeIntegrity:
===============
Date: 2021-07-20 10:42:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-07-20 10:42:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-07-20 10:42:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.32.1 05/05/2021
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 16250.02 MB
Available physical RAM: 10836.96 MB
Total Virtual: 18682.02 MB
Available Virtual: 13492.41 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:227.4 GB) (Free:13.01 GB) NTFS
\\?\Volume{de0332c6-1f14-4e35-99c0-8542a53605d8}\ () (Fixed) (Total:0.45 GB) (Free:0.44 GB) NTFS
\\?\Volume{97462f55-a7ca-447c-b4e2-65d0827c5b08}\ () (Fixed) (Total:8.93 GB) (Free:8.33 GB) NTFS
\\?\Volume{09ef245c-85de-4791-93b4-625faf27a057}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.21 GB) NTFS
\\?\Volume{b7d9c426-7bf4-4ee1-819c-2ca92a3ee32d}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3BAAA986)
Partition: GPT.
==================== End of Addition.txt =======================
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosba o pomoc
Ve vašem případě pak pomůže zřejmě jen návrat do tov. nastavení se zachováním vašich souborů. Ten AV vůbec neznám a ani v testech jsem ho nenašel. Pravděpodobně to bude něco hoooodně obskurního. To vám říkám proto, abyste instaloval AV osvědčených značek (Avast, Avira, pokud chcete free software), příp. placené (Norton, NOD).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?