Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu, podezření na havěť. Děkuji

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
m.b.
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 38
Registrován: 16 lis 2007 19:28
Bydliště: Kolínsko
Kontaktovat uživatele:

Prosím o kontrolu, podezření na havěť. Děkuji

#1 Příspěvek od m.b. »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by brenn (12-01-2021 07:27:24)
Running from C:\Users\brenn\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-06-25 13:54:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3422601766-3474521219-3390658230-500 - Administrator - Disabled)
brenn (S-1-5-21-3422601766-3474521219-3390658230-1001 - Administrator - Enabled) => C:\Users\brenn
DefaultAccount (S-1-5-21-3422601766-3474521219-3390658230-503 - Limited - Disabled)
Guest (S-1-5-21-3422601766-3474521219-3390658230-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3422601766-3474521219-3390658230-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{827DFEF9-DF8F-ECF5-4ED5-DDE780EBC79C}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}) (Version: 3.1.0.0342 - Advanced Micro Devices, Inc.)
AMD Processor Driver (HKLM-x32\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2.0053 - AMD)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.8.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.8.0 - ASUSTek COMPUTER INC.)
ASUS Smart Doctor (HKLM-x32\...\{809D7E6D-915D-4EAD-821F-E13D93F37161}) (Version: 5.80 - ASUSTek COMPUTER INC.) Hidden
ASUS Smart Doctor (HKLM-x32\...\InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}) (Version: 5.80 - ASUSTek COMPUTER INC.)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - )
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.15.00 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{D2041771-9D99-4C4A-9A55-44FD473EF511}) (Version: 3.2.2.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HydraVision (HKLM-x32\...\{C9F6C6FA-F8B8-83D5-8D94-41CA6F1E7EBB}) (Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\NGC) (Version: 22.20.5.39 - Symantec Corporation)
Odinstalace tiskárny EPSON WF-2850 Series (HKLM\...\EPSON WF-2850 Series) (Version: - Seiko Epson Corporation)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
RAIDXpert (HKLM-x32\...\{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM-x32\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.24.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5880 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\Wargaming.net Game Center) (Version: 20.7.2.2851 - Wargaming.net)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-21] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad]
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-12-28] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\brenn\Desktop\VirusTotal.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dnopbpmlkabcondfpckfnhgabfcncjmg
ShortcutWithArgument: C:\Users\brenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\VirusTotal.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dnopbpmlkabcondfpckfnhgabfcncjmg

==================== Loaded Modules (Whitelisted) =============

2009-12-15 23:44 - 2009-12-15 23:44 - 000516096 _____ () [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2017-09-12 18:05 - 2017-09-12 18:05 - 000065536 _____ () [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll
2017-11-14 15:35 - 2017-11-14 15:35 - 001772544 _____ () [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2012-09-28 15:22 - 2012-09-28 15:22 - 000090112 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2012-09-28 15:23 - 2012-09-28 15:23 - 000217088 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
2012-09-28 15:22 - 2012-09-28 15:22 - 000242688 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
2017-05-02 17:17 - 2017-05-02 17:17 - 000106496 _____ (ASUSTek Computer Inc.,) [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\EIO.DLL
2009-12-15 23:44 - 2009-12-15 23:44 - 000098304 _____ (ATI Technology INC) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\prdecode.dll
2009-12-15 23:44 - 2009-12-15 23:44 - 000077824 _____ (ATI Technology INC) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\prerrlog.dll
2009-12-15 23:44 - 2009-12-15 23:44 - 000221184 _____ (ATI Technology INC) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\pri2plgnnapa.dll
2008-06-10 03:44 - 2008-06-10 03:44 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\MSVCR71.dll
2009-12-09 21:50 - 2009-12-09 21:50 - 000176128 _____ (Promise Technology, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\pmsjni.dll
2020-02-07 16:20 - 2020-02-07 16:20 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 15:41 - 2018-03-05 15:41 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 16:39 - 2009-10-21 16:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000098304 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\EbpD4Fax.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUADRFIL.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXCFG.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXCSR.DLL
2020-10-10 07:28 - 2020-04-20 00:00 - 000393216 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXLDB.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000651264 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXTIF.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUIMGCDC.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FULEPP.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUSTMMSG.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000356352 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUSVCCLT.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUUSBHLP.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\FUVERDLG.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000073728 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUDEVCOM.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUDRVUTL.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUPRBDEV.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUSNMPUT.dll
2020-10-10 07:28 - 2020-04-19 17:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2020-10-10 07:28 - 2020-04-19 17:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2020-10-10 07:28 - 2020-04-19 17:00 - 000245760 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2020-10-10 07:28 - 2020-04-19 17:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2020-10-10 07:28 - 2020-04-19 17:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2020-10-10 07:28 - 2020-04-19 17:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENCM.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENNW.dll
2020-10-10 07:28 - 2020-04-20 00:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENUTIL.dll
2008-08-25 00:31 - 2008-08-25 00:31 - 002334720 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\client\jvm.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000015872 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\hpi.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000126976 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\java.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000018432 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\management.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000077824 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\net.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000020480 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\nio.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000031744 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\verify.dll
2008-06-10 03:27 - 2008-06-10 03:27 - 000047104 _____ (Sun Microsystems, Inc.) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\zip.dll
2017-03-30 10:49 - 2017-03-30 10:49 - 001649152 _____ (TODO: <ASUS>) [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\VGA_TaskScheduler.dll
2017-05-19 16:09 - 2017-05-19 16:09 - 001851904 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\FeedbackChart.ocx
2017-07-10 17:44 - 2017-07-10 17:44 - 002012672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\ChartEx.ocx
2017-11-01 15:02 - 2017-11-01 15:02 - 001916928 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\TweakInterface.dll
2015-02-10 07:02 - 2015-02-10 07:02 - 001799680 ____R (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\GPU TweakII\Win81OS.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2020-01-27 17:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{7C82951E-CDAF-4CFF-82B9-DA1B27701F86}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [UDP Query User{9AD512A3-88D2-4276-BE6C-6C60AE200585}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{773D7456-C950-4CB2-B561-308A58AF56A0}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [UDP Query User{2DC97D62-B6FD-4130-9B5D-60279A5B395D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{D0FF4858-C2BA-4477-87B9-DD9C186D88BC}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{31DC21F5-5E62-4A3A-8239-E748C36CE063}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{D11F5533-3474-495C-9B5B-064AB4051758}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-12-2020 14:05:45 Installed AMD OverDrive.
29-12-2020 09:27:27 Driver Booster : PCI Standardní dvoukanálový řadič IDE
03-01-2021 11:53:02 Windows Update
03-01-2021 16:54:56 Installed HP Photosmart 5510 series Basic Device Software
03-01-2021 16:55:49 Installed HP Photosmart 5510 series Basic Device Software
03-01-2021 16:57:47 Removed Základní software zařízení HP Photosmart 5510 series
09-01-2021 06:15:44 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
10-01-2021 14:08:49 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/10/2021 07:13:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Probíhá vypnutí systému.
.

Error: (01/10/2021 07:10:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\brenn\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Popis = JRT Pre-Junkware Removal; Chyba = 0x8007043c).

Error: (01/10/2021 03:32:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Probíhá vypnutí systému.
.

Error: (01/10/2021 02:10:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/10/2021 02:08:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.508, časové razítko: 0xcd97c98b
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000008b91f
ID chybujícího procesu: 0x404
Čas spuštění chybující aplikace: 0x01d6e751078f480b
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 91f2030f-9b27-4220-821d-d0d03bcc1e03
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/10/2021 02:08:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0x4fe0bcb3
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000008b91f
ID chybujícího procesu: 0x19e8
Čas spuštění chybující aplikace: 0x01d6e75112ee98cf
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 9ffb3014-1c54-4ffc-9974-27b0bd7b6b68
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (01/10/2021 08:50:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.420.11102.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c88

Čas spuštění: 01d6e723ec50f7d3

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe

ID hlášení: 85641835-f9d5-474c-864b-274c3df92892

Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Navigation

Error: (01/09/2021 08:58:58 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (01/11/2021 07:08:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:03:20, ‎11.‎01.‎2021) bylo neočekávané.

Error: (01/11/2021 08:54:13 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/11/2021 08:53:01 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/11/2021 08:53:01 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/11/2021 08:51:20 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/11/2021 08:51:19 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/11/2021 08:51:14 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/11/2021 08:51:13 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2RLPED0)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Windows Defender:
===================================
Date: 2020-12-20 17:11:40.8800000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C60EB7EA-D56B-476F-BCB3-7DE05DBFD1FB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-19 13:14:19.0160000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7335A971-8BE7-42A0-84CA-533DF0279D27}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-19 13:10:49.5220000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0126911A-FC66-47B8-9FD1-A1D01F290740}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-19 13:08:26.3270000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37611914-6C7C-4C16-BE0A-9D0E3911F74A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-19 01:15:54.5240000Z
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\Norton Security\Engine\22.20.5.39\cltLMH.exe provádění změn v paměti.
Čas detekce: 2020-12-19T00:15:54.524Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\Norton Security\Engine\22.20.5.39\cltLMH.exe
Verze bezpečnostních informací: 1.329.193.0
Verze modulu: 1.1.17700.4
Verze produktu: 4.18.2011.6

Date: 2020-12-20 19:52:02.7700000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.193.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-20 19:52:02.7690000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.193.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-20 19:52:02.7670000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.193.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-20 19:52:02.7200000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.193.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-12-20 19:52:02.7190000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.193.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2021-01-11 19:11:51.2450000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.2330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.2210000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.2090000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.1950000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.1810000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.1680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-11 19:11:51.1560000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1001 06/10/2010
Motherboard: ASUSTeK Computer INC. M4A785D-M PRO
Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 36%
Total physical RAM: 8191.17 MB
Available physical RAM: 5169.28 MB
Total Virtual: 9855.17 MB
Available Virtual: 6725.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.61 GB) (Free:253.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{04239dcc-0000-0000-0000-103d74000000}\ () (Fixed) (Total:0.81 GB) (Free:0.38 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 04239DCC)
Partition 1: (Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=825 MB) - (Type=27)




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by brenn (administrator) on DESKTOP-2RLPED0 (12-01-2021 07:25:35)
Running from C:\Users\brenn\Desktop
Loaded Profiles: brenn
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
() [File not signed] C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) [File not signed] C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe
(DeviceVM, Inc.) [File not signed] C:\ASUS.SYS\config\DVMExportService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIWAE.EXE
(Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe <2>
(VIA Technologies, Inc -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-04-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670856 2020-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896136 2020-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed]
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2763776 2009-10-28] (VIA) [File not signed]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWAE.EXE [418736 2019-08-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\Run: [ASUS SmartDoctor] => C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe [1310720 2002-01-06] (ASUSTeK Inc.) [File not signed]
HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-09-28] (AMD) [File not signed]
HKLM\...\Print\Monitors\EPSON WF-2850 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBWAE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP a111 Status Monitor: hpinkstsa111LM.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F573AFB-B6B4-437B-92B0-8F8224F3BC96} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {5682E5A4-9DE1-4965-8D13-C37703CFBE44} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {675ED03C-975C-48D4-8143-4DDC1CAC08BD} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6F13000D-5169-4F62-B425-E61548CBD7C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-08] (Google Inc -> Google Inc.)
Task: {756F0ECB-8F21-4C59-B1F8-B737F10B5B3C} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3422601766-3474521219-3390658230-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-03] (Microsoft Windows -> )
Task: {93AA037B-41A0-49F0-A89D-AB145B585258} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-08] (Google Inc -> Google Inc.)
Task: {AA43C78D-CF6A-4D47-B24E-7744EF8128D7} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {ACA0DFFF-C56D-4113-9D3C-BD6BD48E0712} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {D7412495-14CD-41B0-8DAD-DD3607200B63} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [10996176 2017-11-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {E19CE61B-43C0-49A4-BD28-63CCAFCEBC07} - System32\Tasks\EPSON WF-2850 Series Update {F0575469-FAFF-4BFD-A9B6-9BD47EC6FCB0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWAE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {F930C131-476E-4A26-A970-E79A421A0B98} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2850 Series Update {F0575469-FAFF-4BFD-A9B6-9BD47EC6FCB0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWAE.EXE:/EXE:{F0575469-FAFF-4BFD-A9B6-9BD47EC6FCB0} /F:UpdateWORKGROUP\DESKTOP-2RLPED0$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f4656cde-b854-4974-ae22-bda0f32caebb}: [DhcpNameServer] 192.168.1.1

Edge:
======
DownloadDir: C:\Users\brenn\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001 -> hxxps://www.itproportal.com; hxxps://hlidacipes.org; hxxps://www.youtube.com; hxxps://zpravy.aktualne.cz; hxxps://community.windows.com
Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.11.5.0_neutral__v68kp9n051hdp [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\brenn\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-12]
Edge DownloadDir: C:\Users\brenn\Downloads
Edge Notifications: Default -> hxxps://community.windows.com; hxxps://hlidacipes.org; hxxps://www.itproportal.com; hxxps://www.youtube.com; hxxps://zpravy.aktualne.cz
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> seznam.cz
Edge DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\brenn\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-01-08]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default [2021-01-12]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.virustotal.com/gui/images/manifest/icon-192x192.png
CHR Extension: (Prezentace) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-08]
CHR Extension: (Dokumenty) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-08]
CHR Extension: (Disk Google) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-08]
CHR Extension: (VirusTotal) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnopbpmlkabcondfpckfnhgabfcncjmg [2021-01-12]
CHR Extension: (Tabulky) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\brenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [319488 2009-10-16] (DeviceVM, Inc.) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-07-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2020-12-29] (VIA Technologies, Inc -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [21048 2009-10-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 ASInsHelp; C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] (ASUSTeK Computer Inc. -> )
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] (ASUSTeK Computer Inc. -> )
S3 AtiDCM; C:\Users\brenn\AppData\Local\Temp\atdcm64a.sys [51104 2016-07-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) <==== ATTENTION
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.2.57\Definitions\BASHDefs\20210105.001\BHDrvx64.sys [1991536 2020-12-08] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-12-11] (Symantec Corporation -> Broadcom)
R1 EIO64; C:\WINDOWS\System32\drivers\EIO64.sys [16384 2021-01-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTeK Computer Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-12-27] (Symantec Corporation -> Broadcom)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-31] (Martin Malik - REALiX -> REALiX(tm))
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.2.57\Definitions\IPSDefs\20210111.001\IDSvia64.sys [1479536 2021-01-11] (Symantec Corporation -> Broadcom)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 MpKsl10515108; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{237D1231-6CEA-41B5-87F8-0BA5AD9DF981}\MpKslDrv.sys [47344 2020-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99848 2020-12-11] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.2.57\SymPlatform\SymEvnt.sys [712368 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 ATICDSDr; \??\C:\Users\brenn\AppData\Local\Temp\ATICDSDr.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 07:07 - 2021-01-12 07:07 - 000002721 _____ C:\Users\brenn\Desktop\VirusTotal.lnk
2021-01-12 07:07 - 2021-01-12 07:07 - 000000000 ____D C:\Users\brenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2021-01-12 06:05 - 2021-01-12 06:05 - 000003094 _____ C:\WINDOWS\system32\Tasks\GPU Tweak II
2021-01-11 19:36 - 2021-01-11 19:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-01-11 08:47 - 2021-01-11 08:47 - 002281472 _____ (Farbar) C:\Users\brenn\Desktop\FRST64.exe
2021-01-11 08:33 - 2021-01-11 08:33 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-01-10 19:06 - 2021-01-10 19:06 - 000000000 ____D C:\Users\brenn\AppData\Local\RadeonInstaller
2021-01-10 14:11 - 2021-01-10 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\brenn\AppData\Roaming\ATI
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\brenn\AppData\Local\ATI
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\Users\brenn\AppData\Local\AMD
2021-01-10 14:10 - 2021-01-10 14:10 - 000000000 ____D C:\ProgramData\ATI
2021-01-10 14:09 - 2021-01-10 14:09 - 000000000 ____D C:\ProgramData\AMD
2021-01-10 14:09 - 2021-01-10 14:09 - 000000000 ____D C:\Program Files (x86)\AMD APP
2021-01-10 14:08 - 2021-01-10 19:06 - 000000000 ____D C:\Program Files\AMD
2021-01-10 14:08 - 2021-01-10 19:06 - 000000000 ____D C:\AMD
2021-01-10 14:08 - 2021-01-10 14:11 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-01-10 14:08 - 2021-01-10 14:09 - 000000000 ____D C:\Program Files\ATI Technologies
2021-01-10 14:08 - 2021-01-10 14:08 - 000000000 ____D C:\Program Files\ATI
2021-01-10 14:08 - 2012-08-21 23:56 - 000091648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys
2021-01-10 14:07 - 2021-01-10 14:08 - 000000000 ____D C:\WINDOWS\LastGood
2021-01-10 14:06 - 2021-01-10 14:06 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-01-10 14:06 - 2021-01-10 14:06 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2021-01-09 08:46 - 2021-01-09 08:46 - 000630016 _____ (Dell Inc.) C:\Users\brenn\Downloads\SupportAssistLauncher.exe
2021-01-09 08:46 - 2021-01-09 08:46 - 000000000 ____D C:\ProgramData\SupportAssist
2021-01-09 07:46 - 2021-01-09 07:46 - 000000000 ____D C:\Users\brenn\Downloads\ATI_9_002WHQL_Win8
2021-01-09 07:46 - 2012-09-28 09:05 - 000070144 _____ (AMD) C:\WINDOWS\system32\coinst_9.002.dll
2021-01-09 07:46 - 2012-09-28 08:36 - 000059392 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\atiedu64.dll
2021-01-09 07:46 - 2012-09-28 08:36 - 000043520 _____ (ATI Technologies, Inc.) C:\WINDOWS\SysWOW64\ati2edxx.dll
2021-01-09 07:46 - 2012-09-28 08:29 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-01-09 07:46 - 2012-09-28 08:29 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-01-09 07:46 - 2012-09-28 08:29 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-01-09 07:46 - 2012-09-28 08:29 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-01-09 07:46 - 2012-09-14 22:00 - 000038452 _____ C:\WINDOWS\atiogl.xml
2021-01-09 07:46 - 2011-09-13 05:06 - 000003917 _____ C:\WINDOWS\SysWOW64\atipblag.dat
2021-01-09 07:46 - 2011-09-13 05:06 - 000003917 _____ C:\WINDOWS\system32\atipblag.dat
2021-01-09 07:46 - 2009-05-12 04:35 - 000118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2021-01-09 07:13 - 2021-01-10 13:21 - 000000000 ____D C:\Users\brenn\AppData\Roaming\Easeware
2021-01-09 07:13 - 2021-01-09 07:13 - 005195672 _____ (Easeware ) C:\Users\brenn\Downloads\DriverEasy_Setup.exe
2021-01-09 07:03 - 2021-01-09 07:05 - 265474257 _____ C:\Users\brenn\Downloads\ATI_9_002WHQL_Win8.zip
2021-01-09 07:02 - 2021-01-09 07:03 - 169958188 _____ C:\Users\brenn\Downloads\8_861_Asus_Vista_Win7_WHQL (1).zip
2021-01-09 06:53 - 2021-01-09 06:53 - 000016384 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\EIO64.sys
2021-01-09 06:48 - 2021-01-09 06:50 - 000000000 ____D C:\Users\brenn\Downloads\SmartDoc580
2021-01-09 06:47 - 2021-01-09 06:47 - 019242978 _____ C:\Users\brenn\Downloads\SmartDoc580.zip
2021-01-06 11:28 - 2021-01-06 11:28 - 000122278 _____ C:\Users\brenn\Downloads\Kočerha Jiří - výpověď ČPP.pdf
2021-01-06 11:28 - 2021-01-06 11:28 - 000122278 _____ C:\Users\brenn\Downloads\Kočerha Jiří - výpověď ČPP (1).pdf
2021-01-03 16:48 - 2021-01-03 16:57 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2021-01-03 16:48 - 2021-01-03 16:48 - 006180792 _____ (Glarysoft Ltd) C:\Users\brenn\Downloads\ausetup.exe
2021-01-03 16:41 - 2021-01-03 16:41 - 009665952 _____ (NortonLifeLock Inc.) C:\Users\brenn\Downloads\NPE (1).exe
2021-01-03 11:54 - 2021-01-03 11:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-03 11:44 - 2021-01-11 08:47 - 000810246 _____ C:\WINDOWS\ntbtlog.txt
2021-01-03 10:49 - 2021-01-09 08:56 - 000000000 ____D C:\Users\brenn\Downloads\[Guru3D.com]-DDU
2021-01-03 10:49 - 2021-01-03 11:45 - 000000000 ____D C:\Users\brenn\Desktop\DDU v18.0.3.5
2021-01-03 10:17 - 2021-01-03 10:17 - 001353865 _____ C:\Users\brenn\Downloads\[Guru3D.com]-DDU.zip
2020-12-30 10:11 - 2020-12-30 04:47 - 067870776 _____ (AMD Inc.) C:\Users\brenn\Downloads\amd-chipset-drivers_18.10_0830.exe
2020-12-30 10:06 - 2021-01-03 11:57 - 000004292 _____ C:\WINDOWS\system32\Tasks\AMD Updater
2020-12-29 20:10 - 2008-01-04 13:34 - 000011832 _____ C:\WINDOWS\SysWOW64\Drivers\AsInsHelp64.sys
2020-12-29 20:09 - 2020-12-29 20:09 - 000001769 _____ C:\WINDOWS\Language_trs.ini
2020-12-29 17:11 - 2020-12-29 17:11 - 000000000 ____D C:\Users\brenn\Downloads\003380
2020-12-29 17:10 - 2020-12-29 17:10 - 000279452 _____ C:\Users\brenn\Downloads\003380.rar
2020-12-29 10:10 - 2020-12-29 10:10 - 000000000 ____D C:\Users\brenn\AppData\Roaming\WinRAR
2020-12-29 09:31 - 2020-12-29 09:31 - 003315336 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\VIAPropPageExt.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 002050984 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMAPO264.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 002045208 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViaMicArrayAPO.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 001774288 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\VMAPO232.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 001199104 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViaKaraokeApo.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 000919336 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMAPO64.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000776456 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\VMAPO32.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000709856 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viahduaa.sys
2020-12-29 09:31 - 2020-12-29 09:31 - 000654560 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMTHX64.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000617488 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\VIASysFx.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 000588384 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\VMTHX32.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000419176 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMWRP64.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000140416 _____ (VIA Technologies,Inc.) C:\WINDOWS\system32\ViaKaraokePropPageExt.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 000112256 _____ (VIA Technologies,Inc.) C:\WINDOWS\system32\ViaMicArrayPropPageExt.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 000089464 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\VtSrdAPO.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 000082960 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMPPLD64.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000078792 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMPPCN64.DLL
2020-12-29 09:31 - 2020-12-29 09:31 - 000069600 _____ (TODO: <Company name>) C:\WINDOWS\system32\PropPageExt.dll
2020-12-29 09:31 - 2020-12-29 09:31 - 000050904 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\VMfilt64.sys
2020-12-29 09:31 - 2020-12-29 09:31 - 000041952 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViakaraokeSrv.exe
2020-12-29 09:31 - 2020-12-29 09:31 - 000000000 ____D C:\Program Files\VIA
2020-12-29 09:28 - 2020-12-29 09:28 - 000013848 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\Drivers\amdide64.sys
2020-12-29 09:28 - 2020-12-29 09:28 - 000000000 ____D C:\Users\brenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 09:28 - 2020-12-29 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-29 09:27 - 2020-12-29 19:16 - 000000000 ____D C:\Program Files\WinRAR
2020-12-29 09:25 - 2020-12-29 09:25 - 003334088 _____ (Alexander Roshal) C:\Users\brenn\Downloads\winrar-x64-600.exe
2020-12-29 09:22 - 2020-12-29 09:22 - 026296544 _____ (IObit ) C:\Users\brenn\Downloads\driver_booster_setup.exe
2020-12-27 14:06 - 2020-12-27 14:06 - 000001136 _____ C:\Users\Public\Desktop\AMD OverDrive.lnk
2020-12-26 22:57 - 2020-12-26 22:58 - 000000000 ____D C:\Users\brenn\Downloads\8_861_Asus_Vista_Win7_WHQL
2020-12-26 22:56 - 2020-12-26 22:57 - 169958188 _____ C:\Users\brenn\Downloads\8_861_Asus_Vista_Win7_WHQL.zip
2020-12-26 21:51 - 2020-12-26 21:51 - 000000000 ____D C:\Users\brenn\Downloads\AMD_Chipset_V51010008_XP
2020-12-21 06:39 - 2020-12-21 06:39 - 000000000 ____D C:\ProgramData\Intel
2020-12-20 21:01 - 2020-12-20 21:01 - 000000000 ____D C:\Users\brenn\AppData\Roaming\AMD
2020-12-20 21:00 - 2021-01-08 16:20 - 000000000 ____D C:\Users\brenn\AppData\Local\AMD_Common
2020-12-20 21:00 - 2020-12-20 21:00 - 000000000 ____D C:\Users\brenn\AppData\Local\setup
2020-12-20 17:16 - 2020-12-20 17:16 - 000000000 ____D C:\Users\brenn\Downloads\VIA_Audio_V6017900_XpVistaWin7
2020-12-20 09:03 - 2020-12-20 08:18 - 2466303609 _____ C:\Users\brenn\Downloads\016100.zip
2020-12-20 08:52 - 2020-12-20 06:52 - 005650077 _____ C:\Users\brenn\Downloads\000403.zip
2020-12-20 06:37 - 2020-12-20 06:36 - 014740699 _____ C:\Users\brenn\Downloads\AsusUpdt_V71803.zip
2020-12-19 21:03 - 2020-12-19 20:38 - 014264767 _____ C:\Users\brenn\Downloads\AMD_HDMI_V51005880_V6015880_XPVistaWin7.zip
2020-12-19 21:03 - 2020-12-19 20:38 - 005832359 _____ C:\Users\brenn\Downloads\AMD_CnQ_V21803_XpVistaWin7.zip
2020-12-19 21:02 - 2020-12-19 20:52 - 248867974 _____ C:\Users\brenn\Downloads\AMD_VGA_V871000_XPVISTAWIN7.zip
2020-12-19 21:02 - 2020-12-19 20:49 - 023503844 _____ C:\Users\brenn\Downloads\AMD_AOD_V3200386_XPVISTAWIN7.zip
2020-12-19 21:02 - 2020-12-19 20:49 - 003705365 _____ C:\Users\brenn\Downloads\TurboKey_V10103_XPVistaWin7.zip
2020-12-19 21:02 - 2020-12-19 20:48 - 048852128 _____ C:\Users\brenn\Downloads\AMDXpert_V32154010_XPVISTAWIN7.zip
2020-12-19 21:02 - 2020-12-19 20:46 - 005832359 _____ C:\Users\brenn\Downloads\AMD_CnQ_V21803_XpVistaWin7-1.zip
2020-12-19 21:02 - 2020-12-19 20:44 - 011794906 _____ C:\Users\brenn\Downloads\EPU4_V10025_XPVistaWin7.zip
2020-12-19 21:02 - 2020-12-19 20:42 - 002012724 _____ C:\Users\brenn\Downloads\ATI_RAIDAHCI_V311540127_V120125_XPVistaWin7.zip
2020-12-19 21:00 - 2020-12-19 20:56 - 306670293 _____ C:\Users\brenn\Downloads\AMD_Chipset_V51010008_XP.zip
2020-12-19 21:00 - 2020-12-19 20:55 - 082301415 _____ C:\Users\brenn\Downloads\AMD_Chipset_V13254_51010008_XPVISTAWIN7-1.zip
2020-12-19 21:00 - 2020-12-19 20:55 - 011365059 _____ C:\Users\brenn\Downloads\Realtek_LAN_V57265252009_V62235252009.zip
2020-12-19 16:32 - 2021-01-12 07:08 - 000000177 ____H C:\dvmexp.idx
2020-12-19 16:24 - 2020-12-19 16:32 - 000000000 ___HD C:\temp
2020-12-19 16:24 - 2020-12-19 16:32 - 000000000 ___HD C:\dvmexp
2020-12-19 16:24 - 2020-12-19 16:24 - 000000071 ____H C:\splash.idx
2020-12-19 16:24 - 2020-12-19 16:24 - 000000000 ___HD C:\ASUS.000
2020-12-19 16:23 - 2020-12-27 14:04 - 000000000 ____D C:\Users\brenn\AppData\Local\Downloaded Installations
2020-12-19 16:23 - 2020-12-19 16:23 - 000000000 ___HD C:\ASUS.SYS
2020-12-19 16:23 - 2020-12-19 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Gate
2020-12-19 16:21 - 2020-12-19 16:21 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2020-12-19 16:21 - 2020-12-19 16:21 - 000002091 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2020-12-19 16:21 - 2020-12-19 16:21 - 000000000 ____D C:\ProgramData\Adobe
2020-12-19 16:21 - 2020-12-19 16:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-12-19 16:19 - 2020-12-29 20:10 - 000000674 _____ C:\WINDOWS\setup.iss
2020-12-19 16:17 - 2020-12-29 20:10 - 000042896 _____ C:\WINDOWS\Ascd_log.ini
2020-12-19 16:17 - 2020-12-19 16:17 - 000000000 ____D C:\WINDOWS\AsDmiHtm
2020-12-19 16:11 - 2020-12-29 20:03 - 000033251 _____ C:\WINDOWS\Ascd_tmp.ini
2020-12-19 16:11 - 2009-02-19 10:35 - 000049152 _____ C:\WINDOWS\DAOD.exe
2020-12-19 15:55 - 2020-12-19 16:01 - 000000000 ____D C:\Users\brenn\Downloads\016100
2020-12-19 15:33 - 2020-12-19 15:45 - 000000000 ____D C:\Users\brenn\Downloads\000403
2020-12-19 14:38 - 2021-01-11 19:08 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-19 14:37 - 2010-03-19 13:20 - 000053248 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\ASUSBIOS.DLL
2020-12-19 14:37 - 2010-01-27 15:10 - 000069632 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\BIOSINFO.DLL
2020-12-19 14:37 - 2009-06-25 09:28 - 000176128 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\BS_DEF.DLL
2020-12-19 04:46 - 2020-12-19 04:46 - 000000000 ____D C:\Program Files (x86)\Downloaded Installations
2020-12-19 04:39 - 2009-04-03 05:30 - 000010296 _____ C:\WINDOWS\SysWOW64\Drivers\ASUSHWIO.SYS
2020-12-19 04:05 - 2020-12-19 04:05 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-12-19 04:05 - 2020-12-19 04:05 - 000000000 ____D C:\Users\brenn\Downloads\AMD_HDMI_V51005880_V6015880_XPVistaWin7
2020-12-19 04:05 - 2009-06-24 10:43 - 000831488 ____N (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-12-19 04:03 - 2020-12-19 04:03 - 000000000 ____D C:\Users\brenn\Downloads\EPU4_V10025_XPVistaWin7
2020-12-19 03:46 - 2009-09-30 11:33 - 000024576 _____ () C:\WINDOWS\SysWOW64\AsIO.dll
2020-12-19 03:46 - 2009-08-04 10:28 - 000013440 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2020-12-19 03:46 - 2004-02-27 00:00 - 000962612 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42d.dll
2020-12-19 03:46 - 2004-02-17 00:00 - 000434252 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCRTD.DLL
2020-12-19 03:45 - 2020-12-19 03:45 - 000000000 ____D C:\Users\brenn\Downloads\AMD_CnQ_V21803_XpVistaWin7
2020-12-19 03:43 - 2020-12-19 14:38 - 000306110 ____N C:\WINDOWS\Minidump\121920-31828-01.dmp
2020-12-19 03:42 - 2020-12-19 14:37 - 000021048 _____ C:\WINDOWS\BS_DEF.sys
2020-12-19 03:41 - 2020-12-19 14:37 - 000000000 ____D C:\Users\brenn\Downloads\AsusUpdt_V71803
2020-12-19 03:38 - 2020-12-27 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2020-12-19 03:37 - 2020-12-29 20:09 - 000000000 ____D C:\Program Files (x86)\AMD
2020-12-19 03:35 - 2020-12-19 03:35 - 000000000 ____D C:\Users\brenn\Downloads\AMDXpert_V32154010_XPVISTAWIN7
2020-12-19 03:32 - 2020-12-19 03:32 - 000000000 ____D C:\Users\brenn\Downloads\AMD_Chipset_V13254_51010008_XPVISTAWIN7
2020-12-19 03:30 - 2020-12-19 03:30 - 000000000 ____D C:\Users\brenn\Downloads\Realtek_LAN_V57265252009_V62235252009
2020-12-19 03:23 - 2020-12-19 03:23 - 000000000 ____D C:\Users\brenn\Downloads\ATI_RAIDAHCI_V311540127_V120125_XPVistaWin7
2020-12-19 01:20 - 2020-12-28 10:27 - 000001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2020-12-19 01:20 - 2020-12-28 10:27 - 000001283 _____ C:\Users\Public\Desktop\HD VDeck.lnk
2020-12-19 01:19 - 2020-12-28 10:27 - 000000000 ____D C:\Program Files (x86)\VIA
2020-12-19 01:06 - 2009-08-24 06:55 - 000016440 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\Drivers\AtiPcie.sys
2020-12-19 01:01 - 2020-12-19 01:01 - 000000000 ____D C:\Users\brenn\Downloads\RTL8111C_LAN_V735222009_WIN7
2020-12-19 01:00 - 2020-12-20 17:12 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-12-19 00:59 - 2020-12-19 18:40 - 083279754 _____ C:\Users\brenn\Downloads\AMD_Chipset_V13254_51010008_XPVISTAWIN7.zip
2020-12-19 00:59 - 2020-12-19 18:40 - 052010240 _____ C:\Users\brenn\Downloads\VIA_Audio_V6017900_XpVistaWin7.zip
2020-12-19 00:59 - 2020-12-19 18:40 - 000766248 _____ C:\Users\brenn\Downloads\M4A785D-M-PRO-ASUS-1001.zip
2020-12-19 00:59 - 2020-12-19 18:38 - 005966207 _____ C:\Users\brenn\Downloads\RTL8112L_V768202009_WIN7.zip
2020-12-19 00:59 - 2020-12-19 18:34 - 006152851 _____ C:\Users\brenn\Downloads\RTL8111C_LAN_V735222009_WIN7.zip
2020-12-19 00:59 - 2020-12-19 00:59 - 000000000 ____D C:\Users\brenn\Downloads\RTL8112L_V768202009_WIN7
2020-12-18 23:29 - 2020-12-19 14:40 - 000000000 ____D C:\WINDOWS\Minidump
2020-12-18 23:29 - 2020-12-19 03:43 - 000224770 ____N C:\WINDOWS\Minidump\121920-32781-01.dmp
2020-12-17 04:58 - 2020-12-17 04:58 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3422601766-3474521219-3390658230-1001
2020-12-17 04:57 - 2020-12-17 04:57 - 000002365 _____ C:\Users\brenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 07:26 - 2020-11-08 08:16 - 000019309 _____ C:\Users\brenn\Desktop\FRST.txt
2021-01-12 07:26 - 2019-03-24 11:00 - 000000000 ____D C:\FRST
2021-01-12 06:42 - 2020-06-25 14:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-12 06:36 - 2020-12-11 19:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-01-11 23:47 - 2020-06-25 14:31 - 000000000 ____D C:\Users\brenn
2021-01-11 20:09 - 2020-12-03 21:12 - 000001665 _____ C:\Users\brenn\Desktop\World of Tanks EU.lnk
2021-01-11 19:23 - 2020-02-23 16:33 - 000002338 _____ C:\Users\brenn\Desktop\Google Chrome.lnk
2021-01-11 19:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-11 19:08 - 2020-06-25 14:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-11 08:54 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-11 08:50 - 2020-11-08 08:16 - 000036060 _____ C:\Users\brenn\Desktop\Addition.txt
2021-01-11 08:47 - 2020-11-27 10:42 - 000000000 ____D C:\Users\brenn\Desktop\FRST-OlderVersion
2021-01-10 19:11 - 2020-11-27 10:15 - 000001063 _____ C:\Users\brenn\Desktop\JRT.txt
2021-01-10 14:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-10 14:08 - 2019-01-02 18:53 - 000000000 ____D C:\Users\brenn\AppData\Local\CrashDumps
2021-01-10 08:42 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-09 15:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-09 15:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-09 15:55 - 2020-06-08 16:51 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-09 15:55 - 2020-06-08 16:51 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-09 06:54 - 2018-12-30 22:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-09 06:54 - 2018-12-30 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-01-09 06:53 - 2018-12-30 22:32 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-01-09 06:53 - 2018-12-30 22:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-07 21:23 - 2019-03-08 19:18 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-03 16:58 - 2018-12-31 19:02 - 000000000 ____D C:\ProgramData\HP
2021-01-03 16:58 - 2018-12-31 19:02 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-03 16:50 - 2018-12-31 05:49 - 000000000 ____D C:\Program Files (x86)\IObit
2021-01-03 16:49 - 2018-12-31 05:48 - 000000000 ____D C:\Users\brenn\AppData\Roaming\IObit
2021-01-03 16:44 - 2019-11-18 17:54 - 000000000 ____D C:\Users\brenn\AppData\Local\NPE
2021-01-03 16:02 - 2020-11-27 09:43 - 000000000 ____D C:\Users\brenn\Desktop\PC udržba - Rudy forum viry.cz
2021-01-03 15:30 - 2018-12-31 05:48 - 000000000 ____D C:\ProgramData\IObit
2020-12-30 10:05 - 2018-12-30 22:19 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-29 20:10 - 2020-12-11 19:04 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2020-12-28 09:28 - 2018-12-30 22:16 - 000000000 ____D C:\Users\brenn\AppData\Local\PlaceholderTileLogoFolder
2020-12-28 09:28 - 2018-12-30 22:14 - 000000000 ____D C:\Users\brenn\AppData\Local\Packages
2020-12-28 09:13 - 2019-11-17 16:53 - 000001067 _____ C:\Users\brenn\Desktop\TOTALCMD – zástupce.lnk
2020-12-22 10:53 - 2020-06-25 14:44 - 000004502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-22 10:53 - 2019-12-07 15:43 - 001250898 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-22 10:53 - 2019-12-07 15:43 - 000312510 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-20 21:00 - 2019-12-03 04:41 - 000000000 ____D C:\Users\brenn\AppData\Local\cache
2020-12-20 19:08 - 2020-10-29 09:13 - 000000000 ____D C:\AdwCleaner
2020-12-19 16:21 - 2018-12-30 22:14 - 000000000 ____D C:\Users\brenn\AppData\Roaming\Adobe
2020-12-19 03:40 - 2020-06-25 14:28 - 000310472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-19 03:37 - 2019-01-09 19:26 - 000000000 ____D C:\Users\brenn\AppData\Local\ElevatedDiagnostics
2020-12-19 03:37 - 2018-12-30 22:32 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2020-12-19 02:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-18 23:29 - 2018-12-30 21:59 - 000266754 ____N C:\WINDOWS\Minidump\121820-24156-01.dmp
2020-12-18 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-18 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-17 04:57 - 2018-12-30 22:16 - 000000000 ___RD C:\Users\brenn\OneDrive

==================== Files in the root of some directories ========

2019-01-12 11:27 - 2019-01-12 11:41 - 000000046 _____ () C:\Users\brenn\AppData\Roaming\MCVi2UserDetail.ini
2019-08-13 04:48 - 2020-06-25 17:34 - 000007605 _____ () C:\Users\brenn\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 113144
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

m.b.
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 38
Registrován: 16 lis 2007 19:28
Bydliště: Kolínsko
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#3 Příspěvek od m.b. »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-12-2021
# Duration: 00:00:25
# OS: Windows 10 Pro
# Scanned: 31956
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1405 octets] - [06/11/2020 22:13:17]
AdwCleaner[S01].txt - [1466 octets] - [07/11/2020 18:17:22]
AdwCleaner[C01].txt - [1656 octets] - [07/11/2020 18:17:40]
AdwCleaner[S02].txt - [1588 octets] - [08/11/2020 07:52:11]
AdwCleaner[S03].txt - [1649 octets] - [08/11/2020 08:09:44]
AdwCleaner[S04].txt - [1710 octets] - [09/11/2020 09:39:03]
AdwCleaner[S05].txt - [1771 octets] - [17/11/2020 09:49:12]
AdwCleaner[S06].txt - [1832 octets] - [23/11/2020 10:28:55]
AdwCleaner[S07].txt - [1893 octets] - [27/11/2020 08:51:30]
AdwCleaner[S08].txt - [1954 octets] - [27/11/2020 12:20:58]
AdwCleaner[S09].txt - [2015 octets] - [01/12/2020 19:07:01]
AdwCleaner[S10].txt - [2076 octets] - [03/12/2020 19:58:34]
AdwCleaner[S11].txt - [2137 octets] - [07/12/2020 10:50:01]
AdwCleaner[S12].txt - [2198 octets] - [18/12/2020 12:23:32]
AdwCleaner[S13].txt - [2363 octets] - [20/12/2020 19:07:57]
AdwCleaner[C13].txt - [2533 octets] - [20/12/2020 19:08:11]
AdwCleaner[S14].txt - [2381 octets] - [20/12/2020 20:48:42]
AdwCleaner[S15].txt - [2442 octets] - [26/12/2020 21:39:07]
AdwCleaner[S16].txt - [2802 octets] - [29/12/2020 09:40:56]
AdwCleaner[C16].txt - [2934 octets] - [29/12/2020 09:41:14]
AdwCleaner[S17].txt - [2760 octets] - [03/01/2021 15:29:46]
AdwCleaner[C17].txt - [2912 octets] - [03/01/2021 15:30:08]
AdwCleaner[S18].txt - [2747 octets] - [09/01/2021 16:14:20]
AdwCleaner[S19].txt - [2808 octets] - [10/01/2021 13:20:14]
AdwCleaner[S20].txt - [2869 octets] - [10/01/2021 19:05:35]
AdwCleaner[S21].txt - [2930 octets] - [11/01/2021 08:53:37]
AdwCleaner[S22].txt - [2991 octets] - [11/01/2021 09:24:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S23].txt ##########

m.b.
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 38
Registrován: 16 lis 2007 19:28
Bydliště: Kolínsko
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#4 Příspěvek od m.b. »

také zdravím a omlouvám se za prodlevu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 113144
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#5 Příspěvek od Rudy »

Nic se neděje. Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {6F13000D-5169-4F62-B425-E61548CBD7C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-08] (Google Inc -> Google Inc.)
Task: {93AA037B-41A0-49F0-A89D-AB145B585258} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-08] (Google Inc -> Google Inc.)
S3 AtiDCM; C:\Users\brenn\AppData\Local\Temp\atdcm64a.sys [51104 2016-07-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) <==== ATTENTION
S3 ATICDSDr; \??\C:\Users\brenn\AppData\Local\Temp\ATICDSDr.sys [X] <==== ATTENTION
C:\Users\brenn\AppData\Local\Temp
C:\WINDOWS\LastGood.Tmp
C:\Program Files (x86)\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

m.b.
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 38
Registrován: 16 lis 2007 19:28
Bydliště: Kolínsko
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#6 Příspěvek od m.b. »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by brenn (12-01-2021 15:20:43) Run:2
Running from C:\Users\brenn\Desktop
Loaded Profiles: brenn
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-3422601766-3474521219-3390658230-1001 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {6F13000D-5169-4F62-B425-E61548CBD7C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-08] (Google Inc -> Google Inc.)
Task: {93AA037B-41A0-49F0-A89D-AB145B585258} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-08] (Google Inc -> Google Inc.)
S3 AtiDCM; C:\Users\brenn\AppData\Local\Temp\atdcm64a.sys [51104 2016-07-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) <==== ATTENTION
S3 ATICDSDr; \??\C:\Users\brenn\AppData\Local\Temp\ATICDSDr.sys [X] <==== ATTENTION
C:\Users\brenn\AppData\Local\Temp
C:\WINDOWS\LastGood.Tmp
C:\Program Files (x86)\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3422601766-3474521219-3390658230-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F13000D-5169-4F62-B425-E61548CBD7C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F13000D-5169-4F62-B425-E61548CBD7C1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{93AA037B-41A0-49F0-A89D-AB145B585258}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93AA037B-41A0-49F0-A89D-AB145B585258}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\AtiDCM => removed successfully
AtiDCM => service removed successfully
HKLM\System\CurrentControlSet\Services\ATICDSDr => removed successfully
ATICDSDr => service removed successfully
C:\Users\brenn\AppData\Local\Temp => moved successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\Program Files (x86)\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 93296250 B
Java, Flash, Steam htmlcache => 321 B
Windows/system/drivers => 107033 B
Edge => 0 B
Chrome => 129546462 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 7088 B
LocalService => 670334 B
NetworkService => 948576 B
brenn => 1755772 B

RecycleBin => 0 B
EmptyTemp: => 226.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:21:12 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 113144
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#7 Příspěvek od Rudy »

Smazáno, log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

m.b.
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 38
Registrován: 16 lis 2007 19:28
Bydliště: Kolínsko
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#8 Příspěvek od m.b. »

Děkuji moc a hezký den !!!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 113144
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu, podezření na havěť. Děkuji

#9 Příspěvek od Rudy »

Hezký den i vám a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno