Pop-up window about a virus on a notebook (MS Edge)


#1 Post by kabus26 »

Hi,

I have a big favor to ask: yesterday I lent my notebook to my sister, and she returned it in a state where a window pops up roughly every 10 minutes (see attachment) saying that there is a virus on the PC....

Below I am sending the logs from FRST; please advise on a solution, thank you very much in advance.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2022
Ran by Já (administrator) on DESKTOP-THCR9VP (HP HP ProBook 440 G7) (09-03-2022 19:20:27)
Running from C:\Users\Já\Downloads
Loaded Profiles: Já
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1566 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.209\DiscoverySrv.exe
(C:\Program Files\Bitdefender Antivirus Free\vsserv.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(explorer.exe ->) (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_00352e148f6a4096\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f31d3fd59f245137\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f31d3fd59f245137\RtkAudUService64.exe [1255264 2021-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\Run: [GoogleChromeAutoLaunch_9FE22663AB17750FDC06C95DF7C6A50D] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-07-01]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B52735D-FF25-4394-BDB0-518C4B9EDC46} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [254096 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2C5AC034-C6E9-4DF2-98BB-4579D51E1ADE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {39758433-8BA2-4888-B63B-6DDDA3A03DF5} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1663936 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {518EBC9F-94DC-4AD1-ACB8-2A1BB892FA3E} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {518EBC9F-94DC-4AD1-ACB8-2A1BB892FA3E} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {518EBC9F-94DC-4AD1-ACB8-2A1BB892FA3E} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {8F2EAD38-B836-442C-8010-85E10D1842A9} - System32\Tasks\CCleanerSkipUAC - Já => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {93C91ED5-8C5D-40EC-BA2F-504EB0270F6E} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30208384 2022-03-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A2FA46DF-0280-448A-B4F0-AA152EC46238} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {ADD59437-91C3-40CD-9363-4975595494E7} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.209\WatchDog.exe [1050216 2022-01-13] (Bitdefender SRL -> Bitdefender)
Task: {C54DD032-8A38-478C-8DB8-6525013075BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {E4406DAC-3160-4684-B39A-450B85FF43D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
Task: {E46CCC6F-2DB6-419E-8802-BDD06337A6A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {FE7AD8EB-54BF-450A-AA6A-D703DFFF8164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{802de428-069d-4993-b4eb-3df5ea4c6a34}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d34617ef-721c-4e41-b1f8-fbabc1ebf661}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Já\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09]
Edge Notifications: Default -> hxxps://imendocals.com
Edge Extension: (Avira Safe Shopping) - C:\Users\Já\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-03-08]
Edge Extension: (Avira Password Manager) - C:\Users\Já\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-03-08]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: kihwzjy4.default
FF ProfilePath: C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default [2021-10-12]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-cs@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-de@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (English (US) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Español (España) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Finnish Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-fi@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Français Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-fr@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Galego (España) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-gl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-he@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-hu@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-it@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Japanese Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-ja@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-ko@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-nl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Polski Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-pl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-ru@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-sl@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (српски (sr) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-sr@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Já\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\kihwzjy4.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2021-07-23] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default [2022-03-09]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-29]
CHR Extension: (Dokumenty) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-29]
CHR Extension: (Disk Google) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-29]
CHR Extension: (Avira Password Manager) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-03-08]
CHR Extension: (Tabulky) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-29]
CHR Extension: (Avira Browser Safety) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-03-08]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2021-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-08]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Já\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-29]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2998096 2021-11-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264288 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [265608 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2019-03-27] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [350008 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\HotKeyServiceUWP.exe [1512544 2021-10-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\AppHelperCap.exe [761856 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\DiagsCap.exe [760864 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\NetworkCap.exe [756720 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a827166e24a9cb5b\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_44633d75967bb427\x64\TouchpointAnalyticsClientService.exe [494688 2021-11-21] (HP Inc. -> HP Inc.)
S2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dea730b932418dc2\LanWlanWwanSwitchingServiceUWP.exe [591968 2021-10-30] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-06] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [786536 2022-02-01] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6133448 2022-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-07-17] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [585824 2022-02-04] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-07-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3947928 2022-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [800672 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-07-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-07-18] (Bitdefender SRL -> Bitdefender)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-07-07] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 bhtsdhubdr; C:\WINDOWS\System32\drivers\bhtsdhubdr.sys [202456 2020-10-22] (BayHub Technology Inc. -> BayHubTech)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1190288 2022-02-04] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [623008 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [532360 2022-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425208 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-09 19:20 - 2022-03-09 19:21 - 000032564 _____ C:\Users\Já\Downloads\FRST.txt
2022-03-09 19:19 - 2022-03-09 19:20 - 000000000 ____D C:\FRST
2022-03-09 19:18 - 2022-03-09 19:18 - 005659583 _____ (Swearware) C:\Users\Já\Downloads\ComboFix.exe
2022-03-09 19:18 - 2022-03-09 19:18 - 002364928 _____ (Farbar) C:\Users\Já\Downloads\FRST64.exe
2022-03-09 19:09 - 2022-03-09 19:09 - 000319176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_82e68bada_klark.sys
2022-03-09 19:08 - 2022-03-09 19:08 - 115464184 _____ (AO Kaspersky Lab) C:\Users\Já\Downloads\KVRT.exe
2022-03-09 19:08 - 2022-03-09 19:08 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\82e68bad.sys
2022-03-09 19:08 - 2022-03-09 19:08 - 000227664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_82e68bada_mark.sys
2022-03-09 19:08 - 2022-03-09 19:08 - 000000000 ____D C:\KVRT2020_Data
2022-03-09 19:04 - 2022-03-09 19:04 - 000388608 _____ (Trend Micro Inc.) C:\Users\Já\Downloads\hijackthis (1).exe
2022-03-09 19:02 - 2022-03-09 19:02 - 000388608 _____ (Trend Micro Inc.) C:\Users\Já\Downloads\hijackthis.exe
2022-03-09 17:57 - 2022-03-09 17:57 - 000000000 ___HD C:\$WinREAgent
2022-03-09 17:56 - 2022-03-09 17:56 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-03-08 23:21 - 2022-03-08 23:21 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2022-03-08 19:56 - 2022-03-08 20:15 - 348593776 _____ C:\Users\Já\Desktop\DaneJones - Yasmeena - Sweet Afghan student romantic fuck.mp4
2022-03-08 19:51 - 2022-03-08 20:05 - 239324355 _____ C:\Users\Já\Desktop\WhiteBoxxx - Stacy Cruz Young Czech Babe Romantic Sex Session With Intense Creampie Climax - RedTube.mp4
2022-03-08 19:49 - 2022-03-08 19:53 - 075513133 _____ C:\Users\Já\Desktop\Romantic-Sex-Film-for-Couple.mp4
2022-03-08 19:46 - 2022-03-08 20:51 - 1192203370 _____ C:\Users\Já\Desktop\12-05-16 Romantic Memories (Connie).mp4
2022-03-08 19:15 - 2022-03-08 21:10 - 000000000 ____D C:\Users\Public\Security Sessions
2022-03-08 19:15 - 2022-03-08 19:15 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-03-08 19:14 - 2022-03-08 19:14 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2022-03-08 19:14 - 2022-03-08 19:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2022-03-08 19:14 - 2021-10-22 08:45 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2022-03-08 19:14 - 2021-06-25 13:59 - 000022848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2022-03-08 19:14 - 2021-02-09 18:03 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2022-03-08 19:14 - 2019-06-07 14:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2022-03-08 19:14 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2022-03-08 19:14 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2022-03-08 19:14 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2022-03-08 19:13 - 2022-03-08 19:16 - 000000000 ____D C:\Users\Já\AppData\Local\Avira
2022-03-08 19:13 - 2022-03-08 19:14 - 000000000 ____D C:\Program Files (x86)\Avira
2022-03-08 19:13 - 2022-03-08 19:13 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-03-08 19:13 - 2022-03-08 19:13 - 000003772 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2022-03-08 19:13 - 2022-03-08 19:13 - 000003480 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-03-08 19:13 - 2022-03-08 19:13 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-03-08 19:13 - 2022-03-08 19:13 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-03-08 19:13 - 2022-03-08 19:13 - 000001150 _____ C:\Users\Public\Desktop\Avira.lnk
2022-03-08 19:13 - 2022-03-08 19:13 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-03-08 19:13 - 2022-03-08 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-03-08 19:12 - 2022-03-08 19:15 - 000000000 ____D C:\ProgramData\Avira
2022-03-08 19:12 - 2022-03-08 19:12 - 005548536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Já\Downloads\avira_en_sptl1_63007768-1646763146__phpws-spotlight-release.exe
2022-03-08 19:06 - 2022-03-08 19:06 - 008540344 _____ (Malwarebytes) C:\Users\Já\Downloads\adwcleaner_8.3.1.exe
2022-03-06 21:37 - 2022-03-05 18:06 - 066347880 _____ C:\Users\Já\Desktop\20220305_180625.mp4
2022-03-06 21:22 - 2022-03-06 21:23 - 000000000 ____D C:\Users\Já\Desktop\brno
2022-03-06 18:45 - 2022-03-06 18:49 - 089223322 _____ C:\Users\Já\Desktop\Porno pro ženy silná dávka něžností - FreeVideo.cz – Nejnavštěvovanější erotický portál.mp4
2022-03-06 18:44 - 2022-03-06 18:49 - 099317077 _____ C:\Users\Já\Desktop\Ranní romantika (porno pro ženy) - FreeVideo.cz – Nejnavštěvovanější erotický portál.mp4
2022-03-06 18:43 - 2022-03-06 19:01 - 316806116 _____ C:\Users\Já\Desktop\Speciální porno pro ženy - FreeVideo.cz – Nejnavštěvovanější erotický portál_07-46-32.mp4
2022-03-06 18:42 - 2022-03-06 18:48 - 118682040 _____ C:\Users\Já\Desktop\romanticky-sex-na-soukromem-doucovani.mp4
2022-03-06 18:41 - 2022-03-06 19:22 - 754003817 _____ C:\Users\Já\Desktop\kraska-ma-rada-romanticky-sexkunda-,18-let-,xxx,sex,porno,domaci,mlada,teen,nevyholena,hairy,amaterka,oral,novinka,2013,cz,za-penize,za-prachy.wmv
2022-03-06 18:41 - 2022-03-06 18:53 - 206945474 _____ C:\Users\Já\Desktop\lasko-udelame-si-romanticky-vecer-byxxxpornxx.sex.xxx.porno.mp4
2022-03-06 18:41 - 2022-03-06 18:52 - 201685818 _____ C:\Users\Já\Desktop\romanticky-sex-s-ceskou-kraskou-540p.mp4
2022-03-01 18:48 - 2022-03-01 18:51 - 067645691 _____ C:\Users\Já\Desktop\[ Amateri ] smirovani moji holky s kamosem 336p.mp4
2022-03-01 18:38 - 2022-03-01 19:58 - 1482118131 _____ C:\Users\Já\Desktop\Kámen, nůžky, papír_Schnick Schnack Schnuck_2015_titulky.CZ.mkv
2022-02-27 10:03 - 2022-02-27 10:03 - 000214277 _____ C:\Users\Já\Downloads\poukaz.pptx
2022-02-27 10:02 - 2022-02-27 10:02 - 000005388 _____ C:\Users\Já\Desktop\stažený soubor.jfif
2022-02-26 09:24 - 2022-02-26 09:24 - 000000000 ____D C:\Users\Já\AppData\Local\HP_Inc
2022-02-25 17:54 - 2022-02-25 17:54 - 000001170 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2022-02-23 22:17 - 2022-02-23 22:17 - 001856288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\btwake.sys
2022-02-23 22:16 - 2022-02-23 22:16 - 006920816 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2022-02-23 22:16 - 2022-02-23 22:16 - 000337296 _____ (Intel Corporation) C:\WINDOWS\system32\JHI64.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000321424 _____ (Intel Corporation) C:\WINDOWS\system32\TEEManagement64.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000272272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\JHI.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000259456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\TEEManagement.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000091648 _____ (HP Inc.) C:\WINDOWS\system32\Drivers\btwake.dll
2022-02-23 22:16 - 2022-02-23 22:16 - 000020976 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2022-02-23 20:43 - 2022-02-24 19:55 - 3550434759 _____ C:\Users\Já\Desktop\Cheza.je.jen.jedna.2020.1080p.WEB-DL.DD2.0.H.264.CZ-TreZzoR.mkv
2022-02-23 17:41 - 2022-02-23 18:22 - 751887145 _____ C:\Users\Já\Desktop\Tantra průvodce tantrickým orálním sexem-1.-díl.mp4
2022-02-23 17:38 - 2022-02-23 18:10 - 589184006 _____ C:\Users\Já\Desktop\Tantra-masáž-pro-muže---Fabi.mp4
2022-02-23 17:38 - 2022-02-23 18:07 - 538462861 _____ C:\Users\Já\Desktop\Tantra masáž penisu- Fabi.mp4
2022-02-23 17:36 - 2022-02-23 18:05 - 525282999 _____ C:\Users\Já\Desktop\Tantra-Imaginations_SexArt-1080p.mp4
2022-02-21 17:46 - 2022-02-21 17:46 - 000000000 ____D C:\Program Files\Intel
2022-02-21 17:24 - 2022-02-21 17:45 - 383741952 _____ C:\Users\Já\Desktop\Tantra--masáž-pro-ženu---Genital-Massage-For-Women.avi
2022-02-20 21:44 - 2022-02-21 17:33 - 1514248568 _____ C:\Users\Já\Desktop\Skola sexu 14.mkv
2022-02-20 21:19 - 2022-02-20 21:58 - 722346284 _____ C:\Users\Já\Desktop\XXX-sex-porn_DVD 1 - The Original Lovers Guide.avi
2022-02-20 20:52 - 2022-03-08 23:10 - 000000000 ____D C:\Users\Já\Desktop\P
2022-02-20 16:57 - 2022-02-20 16:57 - 000000000 ___HD C:\$Windows.~WS
2022-02-20 16:33 - 2022-02-25 17:54 - 000000000 ____D C:\Users\Já\AppData\Local\Hewlett-Packard
2022-02-20 12:42 - 2021-07-07 03:42 - 000004608 _____ (HP Inc.) C:\WINDOWS\SysWOW64\SigFile.exe
2022-02-20 12:28 - 2022-02-20 12:28 - 000000000 ____D C:\Users\Já\AppData\Roaming\Hewlett-Packard
2022-02-20 12:23 - 2022-02-20 12:23 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-02-20 12:23 - 2022-02-20 12:23 - 000011821 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-20 12:22 - 2022-02-20 12:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-02-20 12:22 - 2022-02-20 12:22 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-02-20 12:22 - 2022-02-20 12:22 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-20 12:22 - 2022-02-20 12:22 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-20 12:21 - 2022-03-07 17:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-02-20 12:21 - 2022-02-25 17:55 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-02-20 12:21 - 2022-02-25 17:54 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-02-20 12:21 - 2022-02-20 12:22 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2022-02-20 12:21 - 2022-02-20 12:21 - 000000000 ____D C:\Users\Já\AppData\Roaming\hpqLog
2022-02-20 12:21 - 2022-02-20 12:21 - 000000000 ____D C:\system.sav
2022-02-20 12:17 - 2022-02-20 12:18 - 000000000 ____D C:\Users\Já\Desktop\Intel(R)_USB_3.0_eXtensible_Host_Controller_Driver_5.0.4.43_v2
2022-02-20 12:17 - 2022-02-20 12:17 - 005574777 _____ C:\Users\Já\Downloads\intel(r)_usb_3.0_extensible_host_controller_driver_5.0.4.43_v2.zip
2022-02-20 11:11 - 2022-02-20 11:35 - 000000000 ____D C:\Users\Já\Desktop\flash mamka
2022-02-19 13:15 - 2022-03-09 18:04 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-19 13:14 - 2022-02-19 13:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-02-19 13:14 - 2022-02-19 13:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-02-19 13:13 - 2022-02-19 13:13 - 000095692 _____ C:\ProgramData\agent.update.1645272790.bdinstall.v2.bin
2022-02-19 13:13 - 2022-02-19 13:13 - 000000000 ____D C:\Users\Já\AppData\Local\Bdch
2022-02-19 13:12 - 2022-03-09 18:00 - 000004204 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{05027FED-9EA5-4676-A708-ECE2F660F990}
2022-02-19 13:12 - 2022-03-09 17:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-19 13:12 - 2022-02-20 17:08 - 000015235 _____ C:\WINDOWS\diagwrn.xml
2022-02-19 13:12 - 2022-02-20 17:08 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-02-19 13:12 - 2022-02-19 13:13 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-02-19 13:12 - 2022-02-19 13:12 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-19 13:12 - 2022-02-19 13:12 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-19 13:12 - 2022-02-19 13:12 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-19 13:12 - 2022-02-19 13:12 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-19 13:12 - 2022-02-19 13:12 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-19 13:12 - 2022-02-19 13:12 - 000002246 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Já
2022-02-19 13:12 - 2022-02-19 13:12 - 000000020 ___SH C:\Users\Já\ntuser.ini
2022-02-19 13:07 - 2022-02-19 13:12 - 000000000 ____D C:\Users\Já
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Šablony
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Soubory cookie
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Poslední
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Okolní tiskárny
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Okolní síť
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Nabídka Start
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Dokumenty
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Documents\Obrázky
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Documents\Hudba
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Documents\Filmy
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\Data aplikací
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-02-19 13:07 - 2022-02-19 13:07 - 000000000 _SHDL C:\Users\Já\AppData\Local\Data aplikací
2022-02-19 13:07 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-19 13:05 - 2022-03-09 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-19 13:05 - 2022-03-08 21:05 - 000287944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-19 13:04 - 2022-02-19 13:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-02-19 13:03 - 2022-02-19 13:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-02-19 13:03 - 2022-02-19 13:03 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-02-19 13:02 - 2022-02-19 13:02 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-19 13:00 - 2022-02-19 13:00 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-02-19 13:00 - 2022-02-19 13:00 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-02-19 12:59 - 2022-02-19 12:59 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-19 12:59 - 2022-02-19 12:59 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-19 12:59 - 2022-02-19 12:59 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files\MSBuild
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-02-19 12:52 - 2022-02-19 12:52 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-02-19 11:47 - 2022-03-03 19:00 - 000000000 ___DC C:\WINDOWS\Panther
2022-02-19 11:45 - 2022-02-19 11:47 - 000000036 _____ C:\WINDOWS\progress.ini
2022-02-19 11:33 - 2022-02-19 11:45 - 000000000 ___HD C:\$GetCurrent
2022-02-19 11:33 - 2022-02-19 11:45 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-09 19:22 - 2021-06-06 20:19 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2022-03-09 19:08 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2022-03-09 19:03 - 2021-05-28 16:30 - 000000000 ____D C:\Users\Já\AppData\Local\VirtualStore
2022-03-09 19:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-09 19:00 - 2021-05-29 08:48 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-09 18:56 - 2021-05-28 16:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-09 18:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-09 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-09 18:04 - 2019-12-07 15:43 - 000719452 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-09 18:04 - 2019-12-07 15:43 - 000145578 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-09 18:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-09 18:00 - 2021-06-06 20:06 - 000000000 ____D C:\Program Files\CCleaner
2022-03-09 17:56 - 2022-01-27 21:12 - 000000000 ____D C:\Program Files\TeamViewer
2022-03-09 17:56 - 2021-05-28 17:10 - 000000000 __SHD C:\Users\Já\IntelGraphicsProfiles
2022-03-09 17:56 - 2021-05-28 16:32 - 000000000 ____D C:\Intel
2022-03-09 17:56 - 2021-05-28 16:23 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-09 17:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-08 23:21 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-08 23:18 - 2021-05-29 15:47 - 000000000 ____D C:\Users\Já\AppData\Roaming\vlc
2022-03-08 19:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-08 17:38 - 2021-05-28 16:30 - 000000000 ____D C:\Users\Já\AppData\Local\Packages
2022-03-08 17:34 - 2021-05-28 16:30 - 000000000 ____D C:\Users\Já\AppData\Local\D3DSCache
2022-03-08 17:22 - 2021-05-29 08:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-08 17:22 - 2021-05-29 08:48 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-06 18:40 - 2021-12-23 11:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-06 18:40 - 2021-12-23 11:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-06 18:39 - 2021-12-23 11:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-06 18:39 - 2021-12-23 11:51 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-25 17:54 - 2021-10-01 15:50 - 000000000 ____D C:\Users\Já\AppData\Local\HP
2022-02-25 17:54 - 2021-05-29 10:10 - 000000000 ____D C:\Program Files (x86)\HP
2022-02-25 17:54 - 2021-05-29 09:52 - 000000000 ____D C:\SWSetup
2022-02-25 17:54 - 2021-05-28 16:38 - 000000000 ____D C:\ProgramData\HP
2022-02-21 17:46 - 2021-05-30 09:18 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-20 17:17 - 2021-08-18 19:13 - 000000000 ____D C:\ESD
2022-02-20 12:41 - 2021-05-28 16:30 - 000000000 ____D C:\ProgramData\Packages
2022-02-20 12:31 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-02-20 12:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-20 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-20 12:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-20 12:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-20 11:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-20 11:16 - 2021-05-28 16:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-20 11:14 - 2021-06-18 18:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-20 11:14 - 2021-05-28 16:34 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-20 10:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-02-19 14:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-19 13:13 - 2021-06-06 20:18 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-02-19 13:12 - 2021-05-28 16:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-19 13:12 - 2021-05-28 16:30 - 000000000 ___RD C:\Users\Já\3D Objects
2022-02-19 13:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-02-19 13:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-02-19 13:09 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2022-02-19 13:08 - 2022-01-19 19:06 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-02-19 13:08 - 2022-01-19 17:24 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2022-02-19 13:08 - 2021-12-02 21:32 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2022-02-19 13:08 - 2021-07-23 15:54 - 000000000 ____D C:\Users\Já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nicepage
2022-02-19 13:06 - 2021-05-28 16:39 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-02-19 13:05 - 2021-12-02 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-02-19 13:05 - 2021-07-23 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueGriffon
2022-02-19 13:05 - 2021-07-23 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2022-02-19 13:05 - 2021-07-01 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2022-02-19 13:05 - 2021-06-06 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-02-19 13:05 - 2021-05-29 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-02-19 13:05 - 2021-05-29 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-19 13:05 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-02-19 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-02-19 13:04 - 2021-05-30 09:16 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-02-19 13:04 - 2021-05-28 16:49 - 000000000 ____D C:\WINDOWS\Firmware
2022-02-19 13:04 - 2021-05-28 16:39 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-19 13:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-02-19 12:56 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2022-02-19 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-02-19 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-02-19 11:17 - 2021-12-30 17:22 - 000000000 ____D C:\Users\Já\AppData\Local\CrashDumps

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2022
Ran by Já (09-03-2022 19:23:26)
Running from C:\Users\Já\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1566 (X64) (2022-02-19 12:12:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-176298533-3111144044-3321788608-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-176298533-3111144044-3321788608-503 - Limited - Disabled)
Guest (S-1-5-21-176298533-3111144044-3321788608-501 - Limited - Disabled)
Já (S-1-5-21-176298533-3111144044-3321788608-1001 - Administrator - Enabled) => C:\Users\Já
WDAGUtilityAccount (S-1-5-21-176298533-3111144044-3321788608-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.39.1.29668 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.62.27078 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.16.0.11273 - Avira Operations GmbH & Co. KG) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.209 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.21.234 - Bitdefender)
BlueGriffon version 3.1 (HKLM\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 3.1 - Disruptive Innovations SAS)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.51 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Malwarebytes version 4.5.5.175 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.5.175 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.36 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Nicepage 3.27.0 (HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\c9e6a573-2a17-5f23-a9b7-1d442c8e5de0) (Version: 3.27.0 - Artisteer Limited)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1555 - Microsoft Corporation)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.26.4 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Trezor Suite 21.7.1 (HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 21.7.1 - SatoshiLabs)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-11] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.25.245.0_x64__dt26b99r8h8gj [2022-02-23] (Realtek Semiconductor Corp)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.14.42.0_x64__v10z8vjag6ke6 [2022-03-06] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2021-05-28] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1024.0_x64__8j3eq9eme6ctt [2022-02-23] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Studios) [MS Ad]
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.29.0_x64__tqn3m7kee4xc8 [2022-02-23] (O2 Czech Republic a.s.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-02-23] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0 [2022-03-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-25 11:31 - 2021-10-25 11:31 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2021-12-02 19:01 - 2021-11-24 15:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-12-04 15:41 - 2021-12-04 15:41 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2021-12-03 13:17 - 2021-12-03 13:17 - 004578816 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2021-12-03 13:16 - 2021-12-03 13:16 - 002832384 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2021-12-03 13:14 - 2021-12-03 13:14 - 006556672 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-02-25] (HP Inc. -> HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-02-25] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-06-06 19:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-176298533-3111144044-3321788608-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3AB519FD-2119-4403-968B-F5DAE169B713}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{75CE262E-B2DA-4F92-8DD8-B71F98D00DAB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{53FF4BDD-D8CD-4DC5-BFAC-FDC7AAAB2CF6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4E050165-FA9D-4AAD-A9A2-B25432DD1EFF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{FBDB7BB5-32B0-4881-8931-861BED1C079A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [TCP Query User{AF7C09C7-437D-407E-ACAD-052789E03FA6}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{A2567B27-212A-4DB8-8478-BFCE01674D7F}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{8AEEAF73-E45B-445C-9F83-BE65678D0A39}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{9F42F1C1-C983-425B-AAA0-F9C36D123349}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6449210B-D934-4628-BF21-98456719A987}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EEBAA23B-BB8D-4D6F-8CF2-FB45572FB999}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3DC2017B-84A6-4989-9A5D-E159B2661EE8}] => (Allow) C:\Users\Já\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{CD91CB03-A3B9-4CE6-8BFF-A9CE3A2A6357}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [TCP Query User{55B7C2E9-029C-4EB1-A512-277E80336804}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{90D2E694-F6DB-41B3-8143-8B9BB620496A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED8A7480-36A0-4CA7-B1E9-195AC5D0771B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EBE3D914-2C2B-44D6-90F9-49A2AD8595C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CAA84D8-9399-4375-9A61-DF75F1EFC338}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{588FDEB8-F7BE-46D9-9ED9-6A5B09688AC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A3CF475-715B-48B7-AB2B-EE534EEDBDFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7A7806C4-DE16-4961-AB02-0EDEB998520A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D24AB0EF-E6EE-4826-846B-B391B3E4FB19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBB1D72C-B94C-4717-9D32-9D18723F876D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{425E69F3-59FA-42E6-95A3-1853E15B9832}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-03-2022 20:21:59 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/08/2022 07:15:35 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (03/08/2022 05:35:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program msedge.exe verze 99.0.1150.30 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3c24

Čas spuštění: 01d8330a61be0f8c

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

ID hlášení: fc87e3a9-25a8-4eb7-bb01-655300089b15

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/06/2022 09:04:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1566 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 20b0

Čas spuštění: 01d8317f50849928

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 160153ba-875f-4bd9-9049-fd5da8dc3cc1

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/03/2022 10:41:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/25/2022 04:53:49 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-THCR9VP)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (03/09/2022 05:56:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LanWlanWwanSwitchingServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/09/2022 05:56:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HotKeyServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/08/2022 09:05:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LanWlanWwanSwitchingServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/08/2022 09:05:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HotKeyServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/06/2022 11:00:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-THCR9VP)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2022 08:25:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NFFX4SZZ23L-Microsoft.549981C3F5F10.

Error: (03/06/2022 06:26:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LanWlanWwanSwitchingServiceUWP bylo dosaženo časového limitu (45000 ms).

Error: (03/06/2022 06:26:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HotKeyServiceUWP bylo dosaženo časového limitu (45000 ms).


CodeIntegrity:
===============
Date: 2022-03-09 19:19:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\bdamsi\265769466872593704\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2022-03-09 18:00:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\bdamsi\265769466872593704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP S71 Ver. 01.12.00 01/12/2022
Motherboard: HP 869D
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 8029.54 MB
Available physical RAM: 2508.54 MB
Total Virtual: 9309.54 MB
Available Virtual: 2715.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.74 GB) (Free:38.23 GB) NTFS

\\?\Volume{44a35f1a-88a0-47be-9377-7afb1cd4f9f7}\ () (Fixed) (Total:1.03 GB) (Free:0.05 GB) NTFS
\\?\Volume{c31de579-c540-4d23-b752-67f3b1255cf5}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Attachments
vir.jpg (31.57 KiB) Viewed 1055 times

Rudy
Site Admin
Posts: 118238
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up window about a virus on the notebook (MS Edge)

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP, just start it with a double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kabus26
Visitor
Posts: 23
Joined: 10 Mar 2007 21:28

Re: Pop-up window about a virus on the notebook (MS Edge)

#3 Post by kabus26 »

So AdwCleaner found nothing, only preinstalled software from the notebook manufacturer, which I would rather not delete and which I assume is unrelated to my problem, but if necessary I will of course uninstall it.

Log:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-09-2022
# Duration: 00:00:05
# OS: Windows 10 Pro
# Scanned: 32034
# Detected: 10


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Já\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}


AdwCleaner[S00].txt - [4530 octets] - [23/12/2021 11:45:32]
AdwCleaner[C00].txt - [4196 octets] - [23/12/2021 11:46:47]
AdwCleaner[S01].txt - [1597 octets] - [23/12/2021 11:49:39]
AdwCleaner[C01].txt - [1798 octets] - [23/12/2021 11:50:08]
AdwCleaner[S02].txt - [1649 octets] - [23/12/2021 11:50:38]
AdwCleaner[S03].txt - [2966 octets] - [08/03/2022 19:06:52]
AdwCleaner[S04].txt - [3027 octets] - [08/03/2022 19:07:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Rudy
Site Admin
Posts: 118238
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up window about a virus on the notebook (MS Edge)

#4 Post by Rudy »

There is no need to delete the Preinstalled items; some users use them.
Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {E4406DAC-3160-4684-B39A-450B85FF43D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
Task: {FE7AD8EB-54BF-450A-AA6A-D703DFFF8164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

EmptyTemp:
End
Save it to C:\Users\Já\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

kabus26
Visitor
Posts: 23
Joined: 10 Mar 2007 21:28

Re: Pop-up window about a virus on the notebook (MS Edge)

#5 Post by kabus26 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2022
Ran by Já (09-03-2022 21:41:02) Run:1
Running from C:\Users\Já\Downloads
Loaded Profiles: Já
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {E4406DAC-3160-4684-B39A-450B85FF43D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
Task: {FE7AD8EB-54BF-450A-AA6A-D703DFFF8164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-29] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4406DAC-3160-4684-B39A-450B85FF43D2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4406DAC-3160-4684-B39A-450B85FF43D2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE7AD8EB-54BF-450A-AA6A-D703DFFF8164}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE7AD8EB-54BF-450A-AA6A-D703DFFF8164}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14856437 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3556823 B
Edge => 0 B
Chrome => 731505391 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 81964 B
NetworkService => 83118 B
Já => 63788054 B

RecycleBin => 0 B
EmptyTemp: => 777.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-03-2022 21:42:08)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:42:08 ====

Rudy
Site Admin
Posts: 118238
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up window about a virus on the notebook (MS Edge)

#6 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kabus26
Visitor
Posts: 23
Registered: 10 Mar 2007 21:28

Re: pop-up window about a virus on the notebook (MS Edge)

#7 Post by kabus26 »

Unfortunately, the window still keeps popping up :(((

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: pop-up window about a virus on the notebook (MS Edge)

#8 Post by JaRon »

Sorry for jumping in.
Try the guide for Chrome: https://malwaretips.com/blogs/remove-imendocals-com/
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

Rudy
Site Admin
Posts: 118238
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up window about a virus on the notebook (MS Edge)

#9 Post by Rudy »

You can also clean the browsers. Run these utilities one after another:

1. Download Zoek https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ , extract it and save it to the desktop.

If you use Win Vista or W7, right-click Zoek and choose Run As Administrator.
Paste the script below into the window:




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
• Save it, preferably to the desktop.
• After it starts, the license terms are displayed; press any key.
• A backup is created, followed by a scan.
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

kabus26
Visitor
Posts: 23
Registered: 10 Mar 2007 21:28

Re: pop-up window about a virus on the notebook (MS Edge)

#10 Post by kabus26 »

JaRon wrote: 10 Mar 2022 06:58 Sorry for jumping in.
Try the guide for Chrome: https://malwaretips.com/blogs/remove-imendocals-com/
So I tried that guide for Edge, and after turning off the notifications from that imendocals the window no longer pops up :) The malware scanners didn't find anything; is it possible that only that permission was switched on, without there being any nasty critter in the notebook?

Thanks

kabus26
Visitor
Posts: 23
Registered: 10 Mar 2007 21:28

Re: pop-up window about a virus on the notebook (MS Edge)

#11 Post by kabus26 »

Rudy wrote: 10 Mar 2022 10:31 You can also clean the browsers. Run these utilities one after another:

1. Download Zoek https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ , extract it and save it to the desktop.

If you use Win Vista or W7, right-click Zoek and choose Run As Administrator.
Paste the script below into the window:




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
• Save it, preferably to the desktop.
• After it starts, the license terms are displayed; press any key.
• A backup is created, followed by a scan.
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

I tried the guide from the colleague above and the window doesn't pop up; the question is whether it is still in there somewhere, or whether just turning off the notifications was enough...

Anyway, I have less time today, but I at least ran the Junkware tool, and it looks like it found nothing in the browsers; log here:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by J  (Administrator) on 10.03.2022 at 20:40:06,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate (Task)



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9FE22663AB17750FDC06C95DF7C6A50D (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.03.2022 at 20:42:22,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118238
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up window about a virus on the notebook (MS Edge)

#12 Post by Rudy »

It's possible. JRT deleted some things in the registry and one file in the tasks. If nothing is popping up, it may well have been that permission.
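Added example, not part of the original thread or written by its participants: the pop-ups here stopped once a site's notification permission was switched off, so this sketch lists which sites a Chromium-based browser (Edge, Chrome) profile allows to send notifications. It assumes the profile's `Preferences` JSON keeps these grants under `profile.content_settings.exceptions.notifications` with `setting` 1 meaning "allow"; the sample data, the trusted-domain list and the function names are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

ALLOW = 1  # assumed Chromium content-setting value for "allow" (2 is "block")

# Constructed sample of a Chromium-style Preferences file (not taken from the thread's PC).
SAMPLE_PREFERENCES = json.dumps({
    "profile": {"content_settings": {"exceptions": {"notifications": {
        "https://imendocals.com:443,*": {"last_modified": "13291400000000000", "setting": 1},
        "https://mail.example.org:443,*": {"last_modified": "13280000000000000", "setting": 1},
        "https://ads.example.net:443,*": {"last_modified": "13285000000000000", "setting": 2},
    }}}}
})


def allowed_notification_hosts(preferences_text):
    """Return the sorted hosts that are allowed to show notifications."""
    node = json.loads(preferences_text)
    for key in ("profile", "content_settings", "exceptions", "notifications"):
        node = node.get(key, {}) if isinstance(node, dict) else {}
    hosts = set()
    for pattern, entry in (node.items() if isinstance(node, dict) else []):
        if isinstance(entry, dict) and entry.get("setting") == ALLOW:
            origin = pattern.split(",", 1)[0]  # key is a "primary,secondary" pattern pair
            hosts.add(urlsplit(origin).hostname or origin)
    return sorted(hosts)


def unexpected_hosts(preferences_text, trusted_domains):
    """Allowed hosts that are neither a trusted domain nor a subdomain of one."""
    def trusted(host):
        return any(host == d or host.endswith("." + d) for d in trusted_domains)
    return [h for h in allowed_notification_hosts(preferences_text) if not trusted(h)]


if __name__ == "__main__":
    # For a real profile, read the Preferences file instead; usual default location for Edge:
    # %LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Preferences
    for host in unexpected_hosts(SAMPLE_PREFERENCES, {"example.org"}):
        print("notification permission granted to:", host)
```

A grant listed here produces pop-ups without any executable on disk, which is consistent with FRST and JRT finding nothing in the browsers.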

kabus26
Visitor
Posts: 23
Registered: 10 Mar 2007 21:28

Re: pop-up window about a virus on the notebook (MS Edge)

#13 Post by kabus26 »

The pop-ups have disappeared since then, so everything now looks fine :)

So thank you both very much, great work :thumbsup:

Rudy
Site Admin
Posts: 118238
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up window about a virus on the notebook (MS Edge)

#14 Post by Rudy »

On behalf of my colleague too: You're welcome! :)

Locked