Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

pc se zastavuje nejvíce při použití chrome a seznamu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

pc se zastavuje nejvíce při použití chrome a seznamu

#1 Příspěvek od gold »

Přikládámlogy, prosím o kontrolu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by oldřich (administrator) on RAKETA (MSI MS-7641) (26-08-2021 17:02:01)
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Bluestack Systems, Inc -> Bluestack System Inc.) C:\Program Files\BlueStacks\BstkSVC.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Player.exe <2>
(BlueStack Systems, Inc.) [File not signed] C:\Program Files\BlueStacks\Bluestacks.exe <3>
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(INTERNET PROJECT LLC -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(INTERNET PROJECT LLC -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seznam.cz, a.s. -> ) C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Winthread Software) [File not signed] C:\Program Files\Windows Keylogger\conhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [conhost] => C:\Program Files\Windows Keylogger\conhost.exe [627200 2016-01-19] (Winthread Software) [File not signed]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [204272 2018-10-10] (INTERNET PROJECT LLC -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114012032 2021-07-20] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [upjers Home] => C:\Users\oldřich\AppData\Local\Programs\upjers-playground2\upjers Home.exe [105073896 2020-08-19] (upjers GmbH -> upjers GmbH)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Opera Browser Assistant] => C:\Users\oldřich\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1384328 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2935BB9D-86BF-40A5-B062-D028E09A8D77} - System32\Tasks\CCleanerSkipUAC - oldřich => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2C607AEE-5E7E-426B-A8F9-CC727FC7F3D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {4282C8F2-A2E1-43B6-ABB7-0A6208E9C41D} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [363400 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {561FDBC9-4D77-41B9-BA9E-D16A5F61394E} - System32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5666AB83-26DA-49B3-B370-FC9B2178B955} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D961744-82F6-4AEC-BCF8-F6E3F0B62C83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-25] (Adobe Inc. -> Adobe)
Task: {5DCC1D9D-37CE-4442-8708-6DF16821D838} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {624DC831-128A-421C-9674-49E4280C30FF} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {639CAEFC-A071-4F6F-AE9B-323AF24F0015} - System32\Tasks\Opera scheduled assistant Autoupdate 1592314214 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\oldřich\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {79941511-C806-47AC-8B87-D2A8DFC91079} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {7F65DD54-C01A-4A7B-B6C0-46C80969AB9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
Task: {993939E0-DA54-497D-9645-5761516B1F3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {D086F73E-ED65-41AF-AF02-9A0E961E8E23} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-22] (Adobe Inc. -> Adobe)
Task: {D1962051-92BA-4BCA-A88A-82427BEDE832} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4902680 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
Task: {E1673A99-EDBD-4D1B-9EC5-953C8AF66E41} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {EC3957C9-9BD6-4363-82E2-316AFD32A7AA} - System32\Tasks\Opera scheduled Autoupdate 1591799864 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{832D3418-B880-4F00-86CD-1C65EC6DB039}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\oldřich\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-15]
Edge Notifications: Default -> hxxps://cz2.herozerogame.com

FireFox:
========
FF DefaultProfile: gde1uc3i.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default [2020-07-17]
FF Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\ezjbdbhd.default-release [2021-08-26]
FF Homepage: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://s1-cz.tanoth.gameforge.com/main/client/|hxxps://cz2.herozerogame.com/|about:addons
FF NetworkProxy: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://cz2.herozerogame.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2021-08-26]
CHR Notifications: Default -> hxxps://cz2.herozerogame.com; hxxps://makro-cz.os.tc; hxxps://sip.denik.cz; hxxps://sk.pinterest.com; hxxps://www.idnes.cz; hxxps://www.levneletenky.org; hxxps://www.tipsport.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://cz2.herozerogame.com/#","hxxps://s1-cz.tanoth.gameforge.com/","hxxps://www.idnes.cz/"
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-27]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2021-08-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-15]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

Opera:
=======
OPR Profile: C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable [2021-08-24]
OPR Notifications: Opera Stable -> hxxps://cz2.herozerogame.com; hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Translator) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-08-24]
OPR Extension: (Web Apps launcher for Google) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enbkoenhcjpodcjhgmmdnpodhjgojokp [2020-07-08]
OPR Extension: (Rich Hints Agent) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-08-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Install Chrome Extensions) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-07-08]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-08-15]
OPR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-06-21]

Vivaldi:
=======
VIV Profile: C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default [2021-08-15]
VIV Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-11-02]
VIV Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-11-02]
VIV Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-04] (Advanced Micro Devices) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8262736 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [627480 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [374552 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-10-10] (INTERNET PROJECT LLC -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15856 2018-10-10] (INTERNET PROJECT LLC -> Ellora Assets Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [218976 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [367640 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184648 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559816 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108408 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82904 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851704 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [328568 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\Windows\system32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_arabica; C:\Program Files\BlueStacks_arabica\BstkDrv_arabica.sys [315952 2021-02-23] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 17:02 - 2021-08-26 17:04 - 000023416 _____ C:\Users\oldřich\Downloads\FRST.txt
2021-08-26 16:55 - 2021-08-26 17:03 - 000000000 ____D C:\FRST
2021-08-26 16:53 - 2021-08-26 16:53 - 002300928 _____ (Farbar) C:\Users\oldřich\Downloads\FRST64.exe
2021-08-19 01:53 - 2021-08-25 14:57 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - oldřich
2021-08-15 01:55 - 2021-08-15 01:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-14 17:43 - 2021-08-15 20:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-13 17:21 - 2021-08-13 17:21 - 013212440 _____ C:\Users\oldřich\Downloads\wink_installer (3).exe
2021-08-12 16:31 - 2021-08-12 16:31 - 000067383 _____ C:\Users\oldřich\Downloads\Keylogger 4.zip
2021-08-12 16:24 - 2021-08-12 16:24 - 005255403 _____ C:\Users\oldřich\Downloads\ksetup (1).zip
2021-08-11 12:15 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-11 12:15 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2021-08-08 05:10 - 2021-08-08 05:11 - 014286519 _____ C:\Users\oldřich\Downloads\Nepotvrzeno 863623.crdownload
2021-08-04 23:23 - 2021-08-04 23:23 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-08-04 23:23 - 2021-08-04 23:23 - 000215392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-08-03 20:22 - 2021-08-03 20:22 - 000000000 ____D C:\Users\oldřich\AppData\Local\Winthread_Software
2021-08-03 20:16 - 2021-08-26 17:03 - 000000000 __SHD C:\Program Files\Windows Keylogger
2021-08-03 20:16 - 2021-08-13 17:18 - 000000000 ____D C:\ProgramData\wink
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\MSBuild
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-07-29 19:29 - 2021-07-29 19:29 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (2).exe
2021-07-29 15:51 - 2021-07-29 15:52 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (1).exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 16:42 - 2020-06-10 15:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 14:36 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2021-08-26 13:53 - 2020-10-16 12:46 - 000000000 ____D C:\Program Files\CCleaner
2021-08-26 13:43 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job
2021-08-26 13:13 - 2020-06-10 15:21 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9D31D5CA-EF01-4702-B69D-BA54BE3B04A1}
2021-08-25 14:57 - 2021-01-14 16:44 - 000003864 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-08-25 14:57 - 2021-01-13 14:07 - 000003354 _____ C:\Windows\system32\Tasks\AMD ThankingURL
2021-08-25 14:57 - 2021-01-13 14:05 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-08-25 14:57 - 2020-10-16 12:46 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-08-25 14:57 - 2020-10-16 12:46 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-08-25 14:57 - 2020-06-11 01:58 - 000003276 _____ C:\Windows\system32\Tasks\update-sys
2021-08-25 14:57 - 2020-06-11 01:58 - 000003258 _____ C:\Windows\system32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-25 14:57 - 2020-06-10 23:15 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 23:15 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 19:23 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 19:23 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 16:37 - 000004058 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1591799864
2021-08-25 14:57 - 2020-06-10 15:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-08-24 21:23 - 2020-06-10 15:23 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-24 19:42 - 2020-07-17 20:45 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Seznam.cz
2021-08-24 15:47 - 2020-06-10 15:19 - 000000000 ____D C:\Users\oldřich\OneDrive
2021-08-24 15:44 - 2020-06-21 22:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-24 15:44 - 2020-06-10 15:23 - 000000000 ____D C:\ProgramData\Avast Software
2021-08-24 15:44 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-22 13:55 - 2020-07-03 21:39 - 000000000 ____D C:\Windows\Minidump
2021-08-22 13:55 - 2020-06-10 15:05 - 000103936 ____N C:\Windows\Minidump\082221-18187-01.dmp
2021-08-21 12:29 - 2020-06-10 19:24 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 12:29 - 2020-06-10 19:24 - 000002200 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-21 00:49 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-08-19 13:48 - 2020-06-10 15:24 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-08-19 13:48 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-08-18 23:38 - 2020-06-10 23:15 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-18 23:38 - 2020-06-10 23:15 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-18 13:44 - 2021-05-26 10:48 - 000000000 ____D C:\Users\oldřich\AppData\Local\Avast Software
2021-08-17 15:37 - 2014-11-21 06:53 - 001748688 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-17 15:37 - 2014-11-21 06:10 - 000739580 _____ C:\Windows\system32\perfh005.dat
2021-08-17 15:37 - 2014-11-21 06:10 - 000151702 _____ C:\Windows\system32\perfc005.dat
2021-08-15 20:41 - 2020-06-11 13:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-15 01:58 - 2020-06-11 13:46 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2021-08-15 01:56 - 2020-06-11 13:46 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-15 01:55 - 2020-06-12 05:59 - 000139776 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2021-08-15 01:55 - 2020-06-11 13:46 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-15 01:49 - 2020-06-21 23:02 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2021-08-15 01:46 - 2020-07-28 15:16 - 000667648 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2021-08-14 12:06 - 2020-06-10 16:37 - 000001432 _____ C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-08-14 11:59 - 2020-06-10 15:25 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-08-12 13:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-08-11 15:29 - 2013-08-22 16:44 - 000386688 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-11 15:25 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-08-11 12:31 - 2020-06-10 16:19 - 000000000 ____D C:\Windows\system32\MRT
2021-08-11 12:26 - 2020-06-10 16:19 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-08-11 12:26 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-08-04 23:23 - 2020-10-13 14:11 - 000184648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000851704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000559816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000367640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000328568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000218976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000108408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000082904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\MUI
2021-07-29 16:16 - 2020-06-11 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories ========

2020-06-11 01:58 - 2020-06-11 01:58 - 000000003 _____ () C:\Users\oldřich\AppData\Local\updater.log
2020-07-25 12:04 - 2021-01-12 15:58 - 000000071 _____ () C:\Users\oldřich\AppData\Local\update_progress.txt
2020-06-11 01:58 - 2020-06-11 01:58 - 000000424 _____ () C:\Users\oldřich\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-08-20 12:20
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by oldřich (26-08-2021 17:05:44)
Running from C:\Users\oldřich\Downloads
Windows 8.1 (Update) (X64) (2020-06-10 13:11:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1232733984-2448475865-4075963903-500 - Administrator - Disabled)
Guest (S-1-5-21-1232733984-2448475865-4075963903-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232733984-2448475865-4075963903-1003 - Limited - Enabled)
oldřich (S-1-5-21-1232733984-2448475865-4075963903-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{E41DBD59-18EC-BB7B-A605-0A4CC449A599}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Any Video Converter 7.1.0 (HKLM-x32\...\Any Video Converter) (Version: 7.1.0 - Anvsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
BlueStacks 5 Beta (HKLM\...\BlueStacks_arabica) (Version: 5.0.0.7228 - BlueStack Systems, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0 (x64 cs)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.9.0 - Mozilla)
Mozilla Thunderbird 78.10.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.10.0 (x64 cs)) (Version: 78.10.0 - Mozilla)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero MediaHome verze 1.5 (HKLM-x32\...\Nero MediaHome_is1) (Version: 1.5 - )
Nox App Player verze 1.5 (HKLM-x32\...\Nox App Player_is1) (Version: 1.5 - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera Stable 78.0.4093.147 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Opera 78.0.4093.147) (Version: 78.0.4093.147 - Opera Software)
Seznam Software (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Skype verze 8.74 (HKLM-x32\...\Skype_is1) (Version: 8.74 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
upjers Home 2.1.64 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\{e2446448-09eb-5b1b-84b1-6746557362e3}) (Version: 2.1.64 - upjers GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
win8codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.4.0 - Shark007)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-06-11] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-05-25 19:04 - 2017-05-25 19:04 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-17 15:09 - 2020-10-07 23:33 - 099684864 _____ () [File not signed] C:\ProgramData\BlueStacks\CefData\libcef.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 000278528 ___SH (hxxp://system.data.sqlite.org/) [File not signed] [File is in use] C:\Program Files\Windows Keylogger\System.Data.SQLite.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 001126912 ___SH (Robert Simpson, et al.) [File not signed] C:\Program Files\Windows Keylogger\x64\SQLite.Interop.dll
2021-03-17 15:09 - 2020-10-07 23:33 - 000564736 _____ (The Chromium Authors) [File not signed] C:\ProgramData\BlueStacks\CefData\chrome_elf.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://cz2.herozerogame.com/
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {022CF883-3558-43DB-8AED-09121BE2182E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {201B8636-521D-4372-97C4-2DE4A5C95134} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {51C160AA-C928-4438-A19A-8F8B0CE4EBF5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {599E34A9-7282-44D5-96E7-B3CF226FB774} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {7C46D962-7C33-4E93-99E0-77710DF5ED19} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {B17287DB-F76F-4F7E-A544-96CB55F2EEE4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {DC2B1D7B-90C9-4F9F-B4C2-52DB70EB829B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {E5F6B98D-7EEA-484A-B7AE-D1F147489EEF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {F2B8B33A-9075-4332-9836-F4730F68268F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\StartupApproved\Run: => "upjers Home"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCCB3323-AB5A-40A6-9014-9577A81501E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{706D6B0B-C362-402A-A0ED-EDBAA76D3B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{77905B17-BB9A-494D-9FC2-76E11E5EA622}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A4D1068E-96CE-4B14-8724-260B487C674B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CDB97009-D93F-4D41-8463-14BB57A4F6C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B58628A7-C6A6-4E9D-8A90-3004A1A1460C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9AB02844-9CD2-4562-A30C-99CB956774DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{772A242A-5832-418D-8A99-1DB93ED6433B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BBEB9110-6D6E-4201-96F1-7E37E1596063}] => (Allow) C:\Program Files\BlueStacks_arabica\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems)
FirewallRules: [{EF61F43A-CBE0-431A-B605-EE9345AABFC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42AF646-7B62-4AE5-B8C1-1035F6CB7B69}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D54BF45-A261-4407-A928-FD58A25E1A7A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EBD72954-00A5-4F48-8157-79680A2F9601}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1B0EAFDB-AB6B-4A28-B307-8B65B53C4CC6}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{3237C765-BF24-4EB9-9115-9F4D6C658396}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{D5BD37FC-B439-4CC8-B416-E44E9EE1E135}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7000D18E-80C1-48CB-A9EF-FE0A0E19AE80}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6437D7BA-B08D-4804-A506-92FE99A776E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-08-2021 20:10:26 Instalační služba modulů systému Windows
11-08-2021 12:20:38 Windows Update
20-08-2021 12:22:07 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/23/2021 03:12:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 103c

Čas spuštění: 01d79759dda84979

Čas ukončení: 290

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: bcc91207-0413-11ec-8355-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/20/2021 04:43:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2194

Čas spuštění: 01d79521aa162a17

Čas ukončení: 40

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 564a099b-0160-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:56:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18e0

Čas spuštění: 01d794f10b15e279

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 7283d039-00e4-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2200

Čas spuštění: 01d7947ecc21dbda

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 4b16c5a6-007d-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 12:17:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12e8

Čas spuštění: 01d7943862e3639e

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: e1142745-0071-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/18/2021 03:21:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1a6c

Čas spuštění: 01d7942d4729e075

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 3b4f07f5-0027-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/15/2021 08:44:07 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/15/2021 08:44:07 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (08/26/2021 05:06:41 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:06:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:06:11 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:04:11 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:04:11 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:03:04 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:03:00 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:02:26 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.


Windows Defender:
================
Date: 2020-06-10 22:45:09.405
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

Date: 2020-06-10 16:29:19.000
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.17100.2
Předchozí verze modulu: 1.1.9700.0
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x8050800c
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2020-06-10 15:46:33.661
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V17.11 10/31/2012
Motherboard: MSI 760GM-P34(FX) (MS-7641)
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 95%
Total physical RAM: 8191.18 MB
Available physical RAM: 399 MB
Total Virtual: 16383.18 MB
Available Virtual: 5068.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:540.89 GB) (Free:407.16 GB) NTFS
Drive d: () (Fixed) (Total:390.28 GB) (Free:389.65 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{17498778-ab1b-11ea-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 21B252CA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#3 Příspěvek od gold »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-26-2021
# Duration: 00:00:16
# OS: Windows 8.1
# Scanned: 31990
# Detected: 15


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\oldřich\AppData\Local\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\oldřich\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#4 Příspěvek od Rudy »

Položky, které ADW nalezl, smažte (dejte do karantény), restartujte a dejte pak nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#5 Příspěvek od gold »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by oldřich (administrator) on RAKETA (MSI MS-7641) (26-08-2021 20:22:38)
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(INTERNET PROJECT LLC -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Winthread Software) [File not signed] C:\Program Files\Windows Keylogger\conhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [conhost] => C:\Program Files\Windows Keylogger\conhost.exe [627200 2016-01-19] (Winthread Software) [File not signed]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [upjers Home] => C:\Users\oldřich\AppData\Local\Programs\upjers-playground2\upjers Home.exe [105073896 2020-08-19] (upjers GmbH -> upjers GmbH)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Opera Browser Assistant] => C:\Users\oldřich\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1384328 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2935BB9D-86BF-40A5-B062-D028E09A8D77} - System32\Tasks\CCleanerSkipUAC - oldřich => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4282C8F2-A2E1-43B6-ABB7-0A6208E9C41D} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [363400 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {561FDBC9-4D77-41B9-BA9E-D16A5F61394E} - System32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5666AB83-26DA-49B3-B370-FC9B2178B955} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D961744-82F6-4AEC-BCF8-F6E3F0B62C83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-25] (Adobe Inc. -> Adobe)
Task: {5DCC1D9D-37CE-4442-8708-6DF16821D838} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {624DC831-128A-421C-9674-49E4280C30FF} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {639CAEFC-A071-4F6F-AE9B-323AF24F0015} - System32\Tasks\Opera scheduled assistant Autoupdate 1592314214 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\oldřich\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {79941511-C806-47AC-8B87-D2A8DFC91079} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {7F65DD54-C01A-4A7B-B6C0-46C80969AB9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
Task: {993939E0-DA54-497D-9645-5761516B1F3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {AC93EB04-FEA8-4401-A21D-24F72C01BE65} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {D086F73E-ED65-41AF-AF02-9A0E961E8E23} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-22] (Adobe Inc. -> Adobe)
Task: {D1962051-92BA-4BCA-A88A-82427BEDE832} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4902680 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
Task: {E1673A99-EDBD-4D1B-9EC5-953C8AF66E41} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {EC3957C9-9BD6-4363-82E2-316AFD32A7AA} - System32\Tasks\Opera scheduled Autoupdate 1591799864 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{832D3418-B880-4F00-86CD-1C65EC6DB039}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\oldřich\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-26]

FireFox:
========
FF DefaultProfile: gde1uc3i.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default [2020-07-17]
FF Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\ezjbdbhd.default-release [2021-08-26]
FF Homepage: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://s1-cz.tanoth.gameforge.com/main/client/|hxxps://cz2.herozerogame.com/|about:addons
FF NetworkProxy: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://cz2.herozerogame.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2021-08-26]
CHR Notifications: Default -> hxxps://cz2.herozerogame.com; hxxps://makro-cz.os.tc; hxxps://sip.denik.cz; hxxps://sk.pinterest.com; hxxps://www.idnes.cz; hxxps://www.levneletenky.org; hxxps://www.tipsport.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://cz2.herozerogame.com/#","hxxps://s1-cz.tanoth.gameforge.com/","hxxps://www.idnes.cz/"
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-27]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2021-08-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-26]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

Opera:
=======
OPR Profile: C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable [2021-08-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Translator) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-08-26]
OPR Extension: (Web Apps launcher for Google) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enbkoenhcjpodcjhgmmdnpodhjgojokp [2020-07-08]
OPR Extension: (Rich Hints Agent) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-08-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Install Chrome Extensions) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-07-08]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-08-15]
OPR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-06-21]

Vivaldi:
=======
VIV Profile: C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default [2021-08-26]
VIV Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-11-02]
VIV Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-11-02]
VIV Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-04] (Advanced Micro Devices) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8262736 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [627480 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [374552 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-10-10] (INTERNET PROJECT LLC -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15856 2018-10-10] (INTERNET PROJECT LLC -> Ellora Assets Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-08-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [218976 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [367640 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184648 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559816 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108408 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82904 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851704 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [328568 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\Windows\system32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_arabica; C:\Program Files\BlueStacks_arabica\BstkDrv_arabica.sys [315952 2021-02-23] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 18:28 - 2021-08-26 20:07 - 000000000 ____D C:\AdwCleaner
2021-08-26 18:26 - 2021-08-26 18:26 - 008553680 _____ (Malwarebytes) C:\Users\oldřich\Downloads\adwcleaner_8.3.0 (1).exe
2021-08-26 18:25 - 2021-08-26 18:25 - 008553680 _____ (Malwarebytes) C:\Users\oldřich\Downloads\adwcleaner_8.3.0.exe
2021-08-26 18:14 - 2021-08-26 18:14 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-08-26 17:59 - 2021-08-26 18:00 - 000000000 ____D C:\Program Files\Recuva
2021-08-26 17:59 - 2021-08-26 17:59 - 000001736 _____ C:\Users\Public\Desktop\Defraggler.lnk
2021-08-26 17:59 - 2021-08-26 17:59 - 000001670 _____ C:\Users\Public\Desktop\Recuva.lnk
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____D C:\Program Files\Defraggler
2021-08-26 17:45 - 2021-08-26 17:46 - 000000000 ____D C:\Users\oldřich\Downloads\ACC
2021-08-26 17:42 - 2021-08-26 17:42 - 043255135 _____ C:\Users\oldřich\Downloads\CCleaner Professional Plus v5.83 + Fix {CracksHash}.zip
2021-08-26 17:05 - 2021-08-26 17:08 - 000031072 _____ C:\Users\oldřich\Downloads\Addition.txt
2021-08-26 17:02 - 2021-08-26 20:24 - 000021913 _____ C:\Users\oldřich\Downloads\FRST.txt
2021-08-26 16:55 - 2021-08-26 20:23 - 000000000 ____D C:\FRST
2021-08-26 16:53 - 2021-08-26 16:53 - 002300928 _____ (Farbar) C:\Users\oldřich\Downloads\FRST64.exe
2021-08-19 01:53 - 2021-08-25 14:57 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - oldřich
2021-08-15 01:55 - 2021-08-15 01:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-14 17:43 - 2021-08-15 20:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-13 17:21 - 2021-08-13 17:21 - 013212440 _____ C:\Users\oldřich\Downloads\wink_installer (3).exe
2021-08-12 16:31 - 2021-08-12 16:31 - 000067383 _____ C:\Users\oldřich\Downloads\Keylogger 4.zip
2021-08-12 16:24 - 2021-08-12 16:24 - 005255403 _____ C:\Users\oldřich\Downloads\ksetup (1).zip
2021-08-11 12:15 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-11 12:15 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2021-08-08 05:10 - 2021-08-08 05:11 - 014286519 _____ C:\Users\oldřich\Downloads\Nepotvrzeno 863623.crdownload
2021-08-04 23:23 - 2021-08-04 23:23 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-08-04 23:23 - 2021-08-04 23:23 - 000215392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-08-03 20:22 - 2021-08-03 20:22 - 000000000 ____D C:\Users\oldřich\AppData\Local\Winthread_Software
2021-08-03 20:16 - 2021-08-26 20:23 - 000000000 __SHD C:\Program Files\Windows Keylogger
2021-08-03 20:16 - 2021-08-13 17:18 - 000000000 ____D C:\ProgramData\wink
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\MSBuild
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-07-29 19:29 - 2021-07-29 19:29 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (2).exe
2021-07-29 15:51 - 2021-07-29 15:52 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (1).exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 20:21 - 2020-10-16 12:46 - 000000000 ____D C:\Program Files\CCleaner
2021-08-26 20:20 - 2020-06-10 15:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 20:20 - 2020-06-10 15:19 - 000000000 ____D C:\Users\oldřich\OneDrive
2021-08-26 20:13 - 2020-06-21 22:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-26 20:13 - 2020-06-10 15:23 - 000000000 ____D C:\ProgramData\Avast Software
2021-08-26 20:12 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-26 20:12 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-08-26 20:11 - 2020-06-10 15:24 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-08-26 19:21 - 2020-06-10 15:21 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9D31D5CA-EF01-4702-B69D-BA54BE3B04A1}
2021-08-26 18:36 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2021-08-26 18:14 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-08-26 18:12 - 2020-06-10 15:23 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-26 18:09 - 2020-06-11 20:16 - 000001326 _____ C:\Users\Public\Desktop\Skype.lnk
2021-08-26 18:09 - 2020-06-11 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-08-26 18:08 - 2020-06-12 05:59 - 000139776 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2021-08-26 18:07 - 2020-10-28 04:12 - 000001086 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-08-26 18:06 - 2020-07-03 21:39 - 000000000 ____D C:\Windows\Minidump
2021-08-26 18:04 - 2021-05-26 10:48 - 000000000 ____D C:\Users\oldřich\AppData\Local\Avast Software
2021-08-26 17:57 - 2020-10-16 12:46 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-08-26 17:57 - 2020-10-16 12:46 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-08-26 17:43 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job
2021-08-25 14:57 - 2021-01-14 16:44 - 000003864 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-08-25 14:57 - 2021-01-13 14:07 - 000003354 _____ C:\Windows\system32\Tasks\AMD ThankingURL
2021-08-25 14:57 - 2021-01-13 14:05 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-08-25 14:57 - 2020-10-16 12:46 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-08-25 14:57 - 2020-06-11 01:58 - 000003276 _____ C:\Windows\system32\Tasks\update-sys
2021-08-25 14:57 - 2020-06-11 01:58 - 000003258 _____ C:\Windows\system32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-25 14:57 - 2020-06-10 23:15 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 23:15 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 19:23 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 19:23 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 16:37 - 000004058 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1591799864
2021-08-25 14:57 - 2020-06-10 15:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-08-21 12:29 - 2020-06-10 19:24 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 12:29 - 2020-06-10 19:24 - 000002200 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-18 23:38 - 2020-06-10 23:15 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-18 23:38 - 2020-06-10 23:15 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-17 15:37 - 2014-11-21 06:53 - 001748688 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-17 15:37 - 2014-11-21 06:10 - 000739580 _____ C:\Windows\system32\perfh005.dat
2021-08-17 15:37 - 2014-11-21 06:10 - 000151702 _____ C:\Windows\system32\perfc005.dat
2021-08-15 20:41 - 2020-06-11 13:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-15 01:58 - 2020-06-11 13:46 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2021-08-15 01:56 - 2020-06-11 13:46 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-15 01:55 - 2020-06-11 13:46 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-15 01:49 - 2020-06-21 23:02 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2021-08-15 01:46 - 2020-07-28 15:16 - 000667648 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2021-08-14 12:06 - 2020-06-10 16:37 - 000001432 _____ C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-08-14 11:59 - 2020-06-10 15:25 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-08-12 13:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-08-11 15:29 - 2013-08-22 16:44 - 000386688 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-11 15:25 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-08-11 12:31 - 2020-06-10 16:19 - 000000000 ____D C:\Windows\system32\MRT
2021-08-11 12:26 - 2020-06-10 16:19 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-08-11 12:26 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-08-04 23:23 - 2020-10-13 14:11 - 000184648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000851704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000559816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000367640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000328568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000218976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000108408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000082904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\MUI

==================== Files in the root of some directories ========

2020-06-11 01:58 - 2020-06-11 01:58 - 000000003 _____ () C:\Users\oldřich\AppData\Local\updater.log
2020-07-25 12:04 - 2021-01-12 15:58 - 000000071 _____ () C:\Users\oldřich\AppData\Local\update_progress.txt
2020-06-11 01:58 - 2020-06-11 01:58 - 000000424 _____ () C:\Users\oldřich\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-08-20 12:20
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by oldřich (26-08-2021 20:24:44)
Running from C:\Users\oldřich\Downloads
Windows 8.1 (Update) (X64) (2020-06-10 13:11:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1232733984-2448475865-4075963903-500 - Administrator - Disabled)
Guest (S-1-5-21-1232733984-2448475865-4075963903-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232733984-2448475865-4075963903-1003 - Limited - Enabled)
oldřich (S-1-5-21-1232733984-2448475865-4075963903-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{E41DBD59-18EC-BB7B-A605-0A4CC449A599}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Any Video Converter 7.1.0 (HKLM-x32\...\Any Video Converter) (Version: 7.1.0 - Anvsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
BlueStacks 5 Beta (HKLM\...\BlueStacks_arabica) (Version: 5.0.0.7228 - BlueStack Systems, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0 (x64 cs)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.9.0 - Mozilla)
Mozilla Thunderbird 78.10.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.10.0 (x64 cs)) (Version: 78.10.0 - Mozilla)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero MediaHome verze 1.5 (HKLM-x32\...\Nero MediaHome_is1) (Version: 1.5 - )
Nox App Player verze 1.5 (HKLM-x32\...\Nox App Player_is1) (Version: 1.5 - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera Stable 78.0.4093.147 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Opera 78.0.4093.147) (Version: 78.0.4093.147 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Skype verze 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.4 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
upjers Home 2.1.64 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\{e2446448-09eb-5b1b-84b1-6746557362e3}) (Version: 2.1.64 - upjers GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
win8codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.4.0 - Shark007)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-06-11] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-06-11 20:16 - 2021-08-10 08:59 - 002546176 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-06-11 20:16 - 2021-08-10 08:59 - 000359936 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-06-11 20:16 - 2021-08-10 08:59 - 006861312 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 000278528 ___SH (hxxp://system.data.sqlite.org/) [File not signed] [File is in use] C:\Program Files\Windows Keylogger\System.Data.SQLite.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 001126912 ___SH (Robert Simpson, et al.) [File not signed] C:\Program Files\Windows Keylogger\x64\SQLite.Interop.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://cz2.herozerogame.com/
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {022CF883-3558-43DB-8AED-09121BE2182E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {201B8636-521D-4372-97C4-2DE4A5C95134} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {51C160AA-C928-4438-A19A-8F8B0CE4EBF5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {599E34A9-7282-44D5-96E7-B3CF226FB774} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {7C46D962-7C33-4E93-99E0-77710DF5ED19} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {B17287DB-F76F-4F7E-A544-96CB55F2EEE4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {DC2B1D7B-90C9-4F9F-B4C2-52DB70EB829B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {E5F6B98D-7EEA-484A-B7AE-D1F147489EEF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {F2B8B33A-9075-4332-9836-F4730F68268F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\StartupApproved\Run: => "upjers Home"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCCB3323-AB5A-40A6-9014-9577A81501E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{706D6B0B-C362-402A-A0ED-EDBAA76D3B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{77905B17-BB9A-494D-9FC2-76E11E5EA622}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A4D1068E-96CE-4B14-8724-260B487C674B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BBEB9110-6D6E-4201-96F1-7E37E1596063}] => (Allow) C:\Program Files\BlueStacks_arabica\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems)
FirewallRules: [{EF61F43A-CBE0-431A-B605-EE9345AABFC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42AF646-7B62-4AE5-B8C1-1035F6CB7B69}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1B0EAFDB-AB6B-4A28-B307-8B65B53C4CC6}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{3237C765-BF24-4EB9-9115-9F4D6C658396}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{D5BD37FC-B439-4CC8-B416-E44E9EE1E135}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7000D18E-80C1-48CB-A9EF-FE0A0E19AE80}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6437D7BA-B08D-4804-A506-92FE99A776E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3F7C5E11-BE3D-4A80-B0B7-6A481A5579C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CC51160-906E-4963-BCC9-A1FCC6978D36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D39D971-586E-4758-8553-8474FC3AD5EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{17EB7673-9E24-48EF-9686-17ACE7E9E0A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{555FF9FE-9795-45E3-966E-72D2DA7FE6EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46C4003C-7861-4F1C-B9FD-AAA78B7A07DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

03-08-2021 20:10:26 Instalační služba modulů systému Windows
11-08-2021 12:20:38 Windows Update
20-08-2021 12:22:07 Naplánovaný kontrolní bod
26-08-2021 18:09:49 Piriform Driver Updater - Update 9.0.0.9910

==================== Faulty Device Manager Devices ============

Name: Vstupní zařízení USB
Description: Vstupní zařízení USB
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service: HidUsb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/26/2021 06:22:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2174

Čas spuštění: 01d79a964a319db6

Čas ukončení: 4

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: c6e88caa-0689-11ec-8357-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/26/2021 06:09:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d214cf26-7fea-4c93-b1d0-b44da3955f89}

Error: (08/23/2021 03:12:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 103c

Čas spuštění: 01d79759dda84979

Čas ukončení: 290

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: bcc91207-0413-11ec-8355-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/20/2021 04:43:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2194

Čas spuštění: 01d79521aa162a17

Čas ukončení: 40

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 564a099b-0160-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:56:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18e0

Čas spuštění: 01d794f10b15e279

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 7283d039-00e4-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2200

Čas spuštění: 01d7947ecc21dbda

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 4b16c5a6-007d-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 12:17:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12e8

Čas spuštění: 01d7943862e3639e

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: e1142745-0071-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/18/2021 03:21:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1a6c

Čas spuštění: 01d7942d4729e075

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 3b4f07f5-0027-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/26/2021 08:13:33 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 08:13:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (08/26/2021 08:10:43 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 08:10:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 08:07:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/26/2021 08:07:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Update byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/26/2021 08:07:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FreemakeVideoCapture byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/26/2021 08:07:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2020-06-10 22:45:09.405
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

Date: 2020-06-10 16:29:19.000
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.17100.2
Předchozí verze modulu: 1.1.9700.0
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x8050800c
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2020-06-10 15:46:33.661
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V17.11 10/31/2012
Motherboard: MSI 760GM-P34(FX) (MS-7641)
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 8191.18 MB
Available physical RAM: 5903.95 MB
Total Virtual: 16383.18 MB
Available Virtual: 13662.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:540.89 GB) (Free:406.01 GB) NTFS
Drive d: () (Fixed) (Total:390.28 GB) (Free:389.65 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{17498778-ab1b-11ea-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 21B252CA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Uložte do C:\Users\oldřich\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#7 Příspěvek od gold »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by oldřich (26-08-2021 23:24:19) Run:1
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

*****************

Processes closed successfully.
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14d7ca74-dfc9-11ea-8272-d43d7e5271ef} => removed successfully
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30e6e71b-9534-11eb-8316-d43d7e5271ef} => removed successfully
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30e6e88a-9534-11eb-8316-d43d7e5271ef} => removed successfully
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83ca1b5c-e576-11eb-8343-d43d7e5271ef} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE2237A8-4F66-499E-AB4C-33C1C52D581D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE2237A8-4F66-499E-AB4C-33C1C52D581D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E84BD9CD-319D-4677-B59B-6EE194A32404}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E84BD9CD-319D-4677-B59B-6EE194A32404}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31952162 B
Java, Flash, Steam htmlcache => 25744145 B
Windows/system/drivers => 35017 B
Edge => 0 B
Chrome => 22867422 B
Vivaldi => 139264 B
Firefox => 11211190 B
Opera => 6111898 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 374609 B
systemprofile32 => 463492 B
LocalService => 464316 B
NetworkService => 464316 B
oldřich => 39458913 B

RecycleBin => 0 B
EmptyTemp: => 140.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:24:48 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#9 Příspěvek od gold »

Ano nastala, PC začalo zpomalovat a komolit psaní, takže, když chci napsat nějaké heslo, píšu ho několikrát je to děsné.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#10 Příspěvek od Rudy »

Za to ale nemůže čištění FRST. Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#11 Příspěvek od gold »

mám jen několik dní staré zálohy a myslím, že závada trvá již déle, tak to vidím na přeinstalaci ? Už jsem si stáhnul instalačku win 10. Jen doufám, že půjdou nainstalovat s heslem od win 8, jednou to již šlo, když to bylo zdarma, tak doufám, že se zadaří na staré heslo i nyní?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#12 Příspěvek od Rudy »

Obhávám se, že teď už to nefunguje, ale zkusit to můžete. Také můžete zkusit opravu systému pomocí WindowsRepair: https://www.slunecnice.cz/sw/windows-repair/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#13 Příspěvek od gold »

děkuji za snahu pomoci, téma bych zatím uzavřel, jestli souhlasíte, když něco, doufám, že se mohu opět obrátit na Vás

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: pc se zastavuje nejvíce při použití chrome a seznamu

#14 Příspěvek od Rudy »

Nemáte zač a obrátit se na nás samozřejmě můžete! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno