Dobrý den,
mohu poprosit o analýzu následujících logů? Občas se zobrazí falešné okno McAfee (viz screenshot). Po kliknutí na okno jsem přesměrován na
https://protectnscan.com/norton-safe-br ... nxi-424e7d
Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Ran by Jarda (administrator) on LAPTOP-37CD8RAU (HP HP 255 G6 Notebook PC) (11-12-2021 11:14:14)
Running from C:\Users\HP\Downloads
Loaded Profiles: Jarda & Marie
Platform: Microsoft Windows 10 Home Version 1909 18363.1556 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Program Files\ProcessExplorer\procexp.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\HP\AppData\Local\Temp\procexp64.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DTUHandler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\...\Run: [MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03C3D222-61A0-4EA6-A165-745C313514D7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
Task: {0755E117-5D1A-49C5-999A-D81F7E7C223E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {07E37FB5-8C6A-4844-ABFB-7146BD69B5D3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {1079B16C-ABCC-4034-B054-9A3719BDA463} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1D2FEC74-6417-4417-A198-1E729881E436} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
Task: {1D9CFA6D-C728-4D4D-B89A-31C1DF45D13C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-11-29] (HP Inc. -> HP Inc.)
Task: {4816CE4D-534F-4681-8431-30437A4DFD01} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-242109460-1041420098-1020208062-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {4C562E99-8B2E-4669-820E-3E8F270CF225} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1170832 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {51D342CE-1035-4E61-9F93-2CB157EE447E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2018-01-30] (Google Inc -> Google Inc.)
Task: {5A968164-8FBB-4903-B8F2-A6C249356DC2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {6326C052-B919-4E1B-BD44-21AB52B457E5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {634D0CD0-EC33-4805-999C-22758DEEE18A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-30] (Dropbox, Inc -> DropboxOEM)
Task: {76F66B26-D546-41B2-AF05-E241FABAA1E4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7D40D6DD-0D30-43FC-A5C0-31E9278AB8DB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-12-11] (Avast Software s.r.o. -> Avast Software)
Task: {7DE378EA-614C-4A30-8069-C79506C2285E} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {84383832-5E7F-4395-9947-FDACA41A6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {912528FA-4FFF-4E03-8C92-112E353F5F58} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93A88312-0F8A-429F-9184-C5AAC4D87493} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {960DE844-3753-439F-A95B-CB19B4D805DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2018-01-30] (Google Inc -> Google Inc.)
Task: {AC02F4CF-7EED-4399-9780-16C8A7D8FEB8} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B035BE67-CF9C-488D-B0E1-84F935431244} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C11523D0-048B-408F-8A1B-05307A81B31E} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{728f1cb3-8a90-42d1-8bbb-5ac148a370e6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b078baee-9280-4199-813f-be8140ac648d}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-11]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-12-11]
CHR Notifications: Default -> hxxps://captcharesolverhere.top; hxxps://wizzair.esky.cz; hxxps://www.esky.cz; hxxps://www.nev-dama.cz
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-30]
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-30]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-25]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-30]
CHR Extension: (Tabulky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-28]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-25]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-22]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-03-19] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [550400 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [755736 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [754200 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [751128 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [754712 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222128 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368152 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [185216 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538992 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852752 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [544096 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317680 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [771584 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-11 11:14 - 2021-12-11 11:15 - 000022062 _____ C:\Users\HP\Downloads\FRST.txt
2021-12-11 11:13 - 2021-12-11 11:14 - 000000000 ____D C:\FRST
2021-12-11 11:13 - 2021-12-11 11:13 - 002311168 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2021-12-11 10:45 - 2021-12-11 10:45 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-12-11 10:45 - 2021-12-11 10:45 - 000000000 ____D C:\Program Files\ProcessExplorer
2021-12-11 10:43 - 2021-12-11 10:43 - 000000000 ____D C:\Users\HP\AppData\Local\GHISLER
2021-12-11 10:42 - 2021-12-11 10:43 - 000000000 ____D C:\Program Files\totalcmd
2021-12-11 10:42 - 2021-12-11 10:42 - 008717720 _____ (Ghisler Software GmbH) C:\Users\HP\Downloads\tcmd1000x32_64.exe
2021-12-11 10:42 - 2021-12-11 10:42 - 000000900 _____ C:\Users\HP\Desktop\Total Commander 64 bit.lnk
2021-12-11 10:42 - 2021-12-11 10:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-12-11 10:42 - 2021-12-11 10:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\GHISLER
2021-12-11 10:38 - 2021-12-11 10:47 - 000000000 ____D C:\Users\HP\AppData\Local\Avast Software
2021-12-11 10:38 - 2021-12-11 10:38 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-12-11 10:38 - 2021-12-11 10:38 - 000002155 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-12-11 10:38 - 2021-12-11 10:38 - 000000000 ____D C:\Users\HP\AppData\Roaming\Avast Software
2021-12-11 10:38 - 2021-12-11 10:38 - 000000000 ____D C:\Users\HP\AppData\Local\CEF
2021-12-11 10:36 - 2021-12-11 10:36 - 000852752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000544096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000538992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000368152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-11 10:36 - 2021-12-11 10:36 - 000317680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000222128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000214352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000185216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-11 10:36 - 2021-12-11 10:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-12-11 10:36 - 2021-12-11 10:36 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-12-11 10:35 - 2021-12-11 10:35 - 000000000 ____D C:\Program Files\Avast Software
2021-12-11 10:34 - 2021-12-11 10:51 - 000000000 ____D C:\ProgramData\Avast Software
2021-12-11 10:34 - 2021-12-11 10:34 - 000234280 _____ (AVAST Software) C:\Users\HP\Downloads\avast_free_antivirus_setup_online.exe
2021-12-08 17:35 - 2021-12-08 17:35 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair (2).exe
2021-12-08 17:34 - 2021-12-08 17:34 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair.exe
2021-12-08 17:34 - 2021-12-08 17:34 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair (1).exe
2021-12-06 13:01 - 2021-12-06 13:01 - 000001170 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-11 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-11 10:55 - 2018-01-30 13:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-11 10:37 - 2019-08-12 21:43 - 001842268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-11 10:37 - 2019-03-19 12:55 - 000752292 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-11 10:37 - 2019-03-19 12:55 - 000162732 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-11 10:37 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-12-11 10:36 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-11 10:35 - 2020-11-06 19:49 - 000000000 ___HD C:\$WINDOWS.~BT
2021-12-11 10:34 - 2019-07-29 09:09 - 000000000 ___DC C:\WINDOWS\Panther
2021-12-11 10:30 - 2019-08-12 21:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-11 10:29 - 2019-03-19 05:37 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-12-11 10:29 - 2017-11-07 11:29 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-12-11 08:47 - 2020-06-04 19:42 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:47 - 2020-06-04 19:42 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-10 21:02 - 2019-08-12 21:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-10 18:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-10 18:24 - 2017-05-18 09:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-09 17:24 - 2019-08-12 21:45 - 000494157 _____ C:\WINDOWS\diagwrn.xml
2021-12-09 17:24 - 2019-08-12 21:45 - 000493398 _____ C:\WINDOWS\diagerr.xml
2021-12-09 16:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2021-12-09 10:21 - 2019-11-05 22:19 - 000000000 ____D C:\Users\Marie\AppData\Local\HP_Inc
2021-12-08 13:00 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-08 12:58 - 2019-08-12 21:29 - 000581712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-08 09:55 - 2019-08-12 21:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-12-08 01:25 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files\HP
2021-12-08 01:09 - 2018-03-02 10:28 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2021-12-08 00:56 - 2018-01-30 13:02 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-08 00:56 - 2018-01-30 13:02 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-08 00:50 - 2019-08-12 21:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242109460-1041420098-1020208062-1002
2021-12-08 00:50 - 2019-08-12 21:35 - 000002384 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-07 15:42 - 2018-01-31 09:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-07 15:38 - 2018-01-31 09:10 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-07 12:21 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-07 12:17 - 2019-12-11 15:30 - 000000000 ____D C:\Users\HP\AppData\Local\HP_Inc
2021-12-07 11:50 - 2019-08-12 21:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242109460-1041420098-1020208062-1001
2021-12-07 11:50 - 2019-08-12 21:35 - 000002375 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 13:01 - 2019-12-15 12:59 - 000000000 ____D C:\Users\HP\AppData\Local\HP
2021-12-06 13:01 - 2018-03-17 21:50 - 000000000 ____D C:\Users\Marie\AppData\Local\HP
2021-12-06 13:01 - 2018-03-02 10:28 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2021-12-06 13:01 - 2018-02-28 23:46 - 000000000 ____D C:\Users\Marie\AppData\Local\Hewlett-Packard
2021-12-06 13:01 - 2018-01-31 19:53 - 000000000 ____D C:\Users\HP\AppData\Local\Hewlett-Packard
2021-12-06 13:01 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files (x86)\HP
2021-12-06 13:00 - 2017-05-18 09:09 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-12-06 12:59 - 2018-01-31 19:53 - 000000000 ____D C:\Users\HP\AppData\Roaming\hpqLog
2021-12-06 12:59 - 2017-05-18 09:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-12-06 12:59 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-12-06 12:58 - 2017-05-18 09:09 - 000000000 ____D C:\ProgramData\HP
2021-12-06 12:57 - 2017-05-18 17:43 - 000000000 ____D C:\SWSetup
2021-12-06 12:54 - 2020-06-04 19:43 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-06 12:54 - 2020-06-04 19:43 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-02 22:12 - 2017-05-18 09:15 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-12-02 22:12 - 2017-05-18 09:15 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-12-02 18:44 - 2019-08-12 21:46 - 000003906 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-12-02 18:44 - 2019-08-12 21:46 - 000003674 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-12-02 18:31 - 2018-06-06 19:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by Jarda (11-12-2021 11:17:42)
Running from C:\Users\HP\Downloads
Microsoft Windows 10 Home Version 1909 18363.1556 (X64) (2019-08-12 20:46:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-242109460-1041420098-1020208062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-242109460-1041420098-1020208062-503 - Limited - Disabled)
Guest (S-1-5-21-242109460-1041420098-1020208062-501 - Limited - Disabled)
Jarda (S-1-5-21-242109460-1041420098-1020208062-1001 - Administrator - Enabled) => C:\Users\HP
Marie (S-1-5-21-242109460-1041420098-1020208062-1002 - Administrator - Enabled) => C:\Users\Marie
WDAGUtilityAccount (S-1-5-21-242109460-1041420098-1020208062-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0319.1455.26818 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.10.2498 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{83D9E6C0-5F20-49B4-9ACF-80A24A1A045D}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{520F0634-40C0-453F-8C84-4EFAE89989A8}) (Version: 19.60.0 - Intel Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14701.20226 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242109460-1041420098-1020208062-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242109460-1041420098-1020208062-1002\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{8A6AB459-CB4B-4D09-8C1E-337FB59135C4}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{933F6AB3-06F2-4656-B18A-6B92CBCB405F}) (Version: 11804.13 - STORMWARE)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-22] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.12.41.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.207.400.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-11-07] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.11.106.0_x64__v10z8vjag6ke6 [2021-12-08] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_6.0.13.0_x86__h6adky7gbf63m [2021-12-08] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.102.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-01-30] (Plex)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-04-11] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-19] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2016-09-13 01:50 - 2016-09-13 01:50 - 000011776 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 002013696 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-10-20 09:00 - 2021-10-20 09:00 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\037ea9773cc7c33153b90df1f4968701\BRIDGECommon.ni.dll
2021-10-20 09:04 - 2021-10-20 09:04 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b4af5e8a01af8515a3c54ee381bc045b\BridgeExtension.ni.dll
2021-10-20 09:05 - 2021-10-20 09:05 - 000348160 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\6bf1fb5ac6d0ffa56e80353a1f2843e8\CleanStartController.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\ecef5c0b3dc7256c00a55105e31c2f9d\Interop.IWshRuntimeLibrary.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\3a5f06eb06365c79d2bd2d6affe834a1\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-10-20 09:04 - 2021-10-20 09:04 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\f825637369f1038a6c6634780f2686f3\CommonPortable.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\a2750cd7173f9090afc4a460dccc2368\NAudio.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\79ca89ce45d6574b07b31c48a06103cd\Newtonsoft.Json.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\3ec6a75f00b391c4fa6eb9562fbdfc9a\log4net.ni.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005496320 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005804544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000912384 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 001061376 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 003187712 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 002924544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000310784 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005444608 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000277504 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000193024 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1001 -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2021-11-29] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2021-11-29] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5DA44F63-15DB-4739-B23B-02541616CA5B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{D3A1463D-AADC-4EB3-8C16-206C710E9B2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F26EF40B-08E7-42B0-811D-E1C92A56B7D0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{916B94D0-DC6B-42B4-AB8C-2FB9C33D0396}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{2774D2A3-FA97-4F17-A714-283EC7903E9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{785DF6FA-02AC-4133-A4E6-485548349C33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{438E16C7-0035-466A-A8CE-4D709CBE4308}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2D88D32-9880-4F67-9FE3-8B49878C7965}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F2279AC-8443-40B5-A3EA-8B112BD0BF64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{000CA22E-C16D-4EFA-8535-33CF6B09DF93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F10D266-5652-4669-90FF-16FD6D5992D0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1544221-2BB2-42A6-90D6-0A6A736048EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E3BE6918-8B1B-4AC1-9F7B-6D1ED6A90974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF21A7F5-89AF-4E29-8E46-DFF8D210F55A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E598776-1C01-4189-9B3F-1E88E351E744}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BA1A799-7DB2-4897-8B77-9EE420C007FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C17F77B5-1F58-492B-9B8D-FC6B0FA92D9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F631593-D177-4F14-955E-46DE815339FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{975440E3-B803-43E0-BB4C-C52C591853E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA83BE8D-0BC4-4DBD-AC85-C1913F35B3DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1645F377-4867-4605-9A88-994189DFAD4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5741F9C9-68FC-41C7-8593-6FFBCB601CB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49F1C28C-F5AE-4DC5-BB52-317485A31BC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB417F73-735B-428B-9F11-5881B53BC62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5230F88-B231-4098-ACC5-2AADDA1471FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{35A125B5-754D-4B90-823B-17F8CC64A240}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
20-10-2021 07:15:40 Windows Update
07-12-2021 15:37:36 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/11/2021 10:36:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2836,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/11/2021 10:22:05 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/11/2021 10:12:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DropboxOEM.exe, verze: 4.1.2.0, časové razítko: 0x583f770e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.1474, časové razítko: 0xf0a6699c
Kód výjimky: 0xe0434352
Posun chyby: 0x001146d2
ID chybujícího procesu: 0x2960
Čas spuštění chybující aplikace: 0x01d7ee6f228c5de5
Cesta k chybující aplikaci: C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e1c10e18-dd1e-4693-a6f9-f74d87a5a777
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/11/2021 10:12:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DropboxOEM.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Xml.XmlException
na System.Xml.XmlTextReaderImpl.Throw(System.Exception)
na System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[])
na System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef)
na System.Xml.XmlTextReaderImpl.ParseText()
na System.Xml.XmlTextReaderImpl.ParseElementContent()
na System.Xml.XmlTextReaderImpl.Read()
na System.Xml.XmlTextReader.Read()
na System.Xml.XmlTextReaderImpl.Skip()
na System.Xml.XmlTextReader.Skip()
na System.Configuration.XmlUtil.StrictSkipToNextElement(System.Configuration.ExceptionAction)
na System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean)
na System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean)
na System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil)
na System.Configuration.BaseConfigurationRecord.InitConfigFromFile()
Informace o výjimce: System.Configuration.ConfigurationErrorsException
na System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean)
na System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors)
na System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors()
na System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs)
Informace o výjimce: System.Configuration.ConfigurationErrorsException
na System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs)
na System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs)
na System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord)
na System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
na System.Configuration.BaseConfigurationRecord.GetSection(System.String)
na System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
na System.Configuration.ConfigurationManager.GetSection(System.String)
na System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
na System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
na System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
na System.Configuration.SettingsBase.GetPropertyValueByName(System.String)
na System.Configuration.SettingsBase.get_Item(System.String)
na System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String)
na System.Configuration.ApplicationSettingsBase.get_Item(System.String)
na DropboxOEM.Properties.Settings.get_ForegroundProcessPriority()
na DropboxOEM.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na DropboxOEM.App.Main()
Error: (12/11/2021 08:06:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3512,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 10:12:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 09:21:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 09:08:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10264,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/11/2021 11:02:37 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:35:34 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:16:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:16:43 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:11:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/11/2021 10:11:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (12/11/2021 07:58:57 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 07:58:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-12-09 12:47:58.683
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BC999D4E-0424-4862-A3E8-EFD3E810A77E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-12-02 18:30:46.187
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3040F63C-B9DC-4F87-8638-B5EFC7274FF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2021-10-20 08:25:26.983
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ED7EF405-BC73-4851-BCA8-9A9C49A677B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-22 12:22:13.087
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {963FCF0A-224E-4C02-A332-592EF6D6297B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-06 18:42:39.341
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {482BCF45-7C29-41CA-8EF8-D44C4D0D2885}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-12-06 12:53:11.310
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:53:11.308
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:53:11.306
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:52:01.926
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2023.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2021-12-02 18:28:55.157
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.1967.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
==================== Memory info ===========================
BIOS: Insyde F.13 09/07/2017
Motherboard: HP 8330
Processor: AMD A6-9220 RADEON R4, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 88%
Total physical RAM: 3981.68 MB
Available physical RAM: 452.61 MB
Total Virtual: 5753.25 MB
Available Virtual: 1054.11 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.85 GB) (Free:87.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.39 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{bb21006b-e1c2-46cc-af9b-f04b5d99354e}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{49195bd8-992a-42c8-8f2f-6bbdb9d91f04}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FB04E0DD)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Falešné okno McAfee při webovém prohlížení
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Falešné okno McAfee při webovém prohlížení
- Přílohy
-
- falesne_okno.png (276.35 KiB) Zobrazeno 498 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Falešné okno McAfee při webovém prohlížení
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?