Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Dominator
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 22 črc 2015 15:50

Prosím o kontrolu logu

#1 Příspěvek od Dominator »

Dobrý den, prosím o kontrolu logů. NTB příšerně pomalý skoro na něm nelze pracovat.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2021
Ran by helen (administrator) on DESKTOP-CCEJ3K8 (Dell Inc. Inspiron 5567) (21-05-2021 22:39:35)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe#18E2EFCE8052C822
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19638160 2016-12-28] (Entertainment Experience LLC -> Entertainment Experience)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SearcherBar] => C:\WINDOWS\SysWOW64\mshta.exe [13312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\helen\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-05-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [SnailDriver] => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailLaunch.exe [814592 2016-09-17] (SnailDrivers) [File not signed]
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {096FFE9C-E073-4D56-A4D5-17B919A56DD5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1117EE2D-E3D0-44CC-BBE1-2E46D36E2EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13D3CA01-842C-4ADD-9E6F-3B033AD48636} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {1480905E-B1C9-4B57-8E49-4AB52CD7FBBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1C3CA52D-CDBB-4E70-9B99-8DB218268217} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {373AA7E9-F660-4A96-B4E8-4A00CFFDD50E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {398D5520-D434-486F-9B19-F780BD37B747} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3C5043DD-8893-4CD1-BC7B-7925960EF45C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1121152 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {56B17EB2-29E0-4520-9ADF-705FBD950BBA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5BBB844E-39F6-41E5-9992-286C4B80D454} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6669F19D-99A5-49BE-A0A0-ED1924906CCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BD37B09-CC5F-4B94-8135-5154270DD8BF} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {727AA9B4-E04E-4DBF-993D-E1603E47C881} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8475EE3D-3C04-4743-8D3D-6DE9FFB01313} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {B42B0538-FF11-4D3E-B3C9-2B9232E5AF73} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CCA9C6E3-62B2-4BBA-A949-33ECD54802F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCFD5778-8C7A-4F80-AC7E-0187A2C0083C} - System32\Tasks\Opera scheduled Autoupdate 1621617730 => C:\Users\helen\AppData\Local\Programs\Opera\launcher.exe [2199704 2021-05-12] (Opera Software AS -> Opera Software)
Task: {FCC82AA3-C936-4838-8863-EB4077C4AC04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{810721c0-fa75-4977-b035-551a3d3a9a5a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\helen\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-21]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: p8ml5zkk.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\p8ml5zkk.default [2020-11-02]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-11-10] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release [2021-05-14]
FF Extension: (AdBlock — best ad blocker) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-11-20]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\rapportext@trusteer.com.xpi [2020-11-11] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2021-05-21]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.edarling.cz; hxxps://www.facebook.com; hxxps://www.luxor.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/webhp?source=search_app&g ... 8weO9oCICw
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-28]
CHR Extension: (Dokumenty) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-28]
CHR Extension: (Disk Google) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-18]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-11]
CHR Extension: (Space) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hifhddjdplehpbndiikdofeaopbimfmi [2020-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\helen\AppData\Roaming\Opera Software\Opera Stable [2021-05-21]


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021
Ran by helen (21-05-2021 22:36:33)
Running from C:\Users\helen\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2020-12-22 14:43:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1911357360-3452808120-2699024319-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1911357360-3452808120-2699024319-503 - Limited - Disabled)
Guest (S-1-5-21-1911357360-3452808120-2699024319-501 - Limited - Disabled)
helen (S-1-5-21-1911357360-3452808120-2699024319-1001 - Administrator - Enabled) => C:\Users\helen
WDAGUtilityAccount (S-1-5-21-1911357360-3452808120-2699024319-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
Branding64 (HKLM\...\{871DA3E4-7743-4CDB-B95E-995DA5DA9B23}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Chrone Browser (HKLM-x32\...\Chrone Browser) (Version: 86.0.4240.198 - iStart)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2004.84 - Trusteer)
Opera Stable 76.0.4017.123 (HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Opera 76.0.4017.123) (Version: 76.0.4017.123 - Opera Software)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2004.84 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
SearcherBar (HKLM-x32\...\SearcherBar) (Version: 0.3 - ) <==== ATTENTION
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
SnailDriver version 1.0.0.3 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 1.0.0.3 - SnailSuite)
True Color (HKLM\...\{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}) (Version: 1.0.1.1 - Entertainment Experience LLC) Hidden
True Color (HKLM-x32\...\{c38d939e-31d4-44fa-a07a-d28915046b7d}) (Version: 7.9.0.0 - Entertainment Experience)
True Color XML Tables (HKLM\...\{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}) (Version: 7.10.0.0 - Entertainment Experience LLC) Hidden
TrueColorXMLTables (HKLM-x32\...\{bf377b78-c440-4ce9-a962-2fde04e6d4cd}) (Version: 7.10.0.0 - Entertainment Experience)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.177 - McAfee, LLC)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\db6ea5db.mediasuiteessentialsfordell_2.6.4028.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-12] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-28] (Netflix, Inc.)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-08] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\db6ea5db.power2gofordell_11.0.3920.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\db6ea5db.powerdirectorfordell_15.0.4409.0_x64__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.971.0_x64__rh07ty8m5nkag [2021-05-17] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-10-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-07-18 16:27 - 2018-07-18 16:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-12-18] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-12-18] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\helen\Desktop\Helen\fotky\IMG_20180529_134842.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "SnailDriver"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D2D8420F-8133-48A0-816D-E2C5A22BCD4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{7758BC82-DA89-4397-96FD-B94C956383EE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{392676CE-5B65-40E3-9A0F-1289C7D57E6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DA300A6-DEBC-42F6-BC35-F977BB8329A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B85A59F3-77C5-4172-BE9D-A6994C0720A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A67BD598-88A4-4874-A561-54A5F8BF48CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCD4163A-EA7A-422A-B169-4F2B705E8AD7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98A93CD0-21D5-42A4-B52F-2BB45FE687EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DC8D434-3C5A-45F4-86AB-70A69E9F7F66}] => (Allow) C:\Users\helen\AppData\Local\Temp\DriverPack-20210521191155\tools\aria2c.exe () [File not signed]
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D69BF1AD-FE52-4335-A022-A0BE3DE23265}] => (Allow) C:\Users\helen\AppData\Roaming\DRPSu\Alice\cloud.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

21-05-2021 17:46:14 AMDCleanupUtility Restore Point
21-05-2021 21:38:55 AdwCleaner_BeforeCleaning_21/05/2021_21:38:55
21-05-2021 22:11:54 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/21/2021 09:40:41 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:41 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:41 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4


System errors:
=============
Error: (05/21/2021 09:41:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CCEJ3K8)
Description: Server {7160A13D-73DA-4CEA-95B9-37356478588A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rivet AP Selector Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SmartByte Analytics Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Wizard Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ##ID_STRING86## byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 300 milisekund: Restartovat službu.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2021-05-21 22:28:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\filmy\FRST.exe; webfile:_C:\Users\helen\Desktop\filmy\FRST.exe|https://download.bleepingcomputer.com/d ... 4886946956
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:27:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4679758296
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:10:14
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4127603958
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:09:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 3774169815
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:08:08
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Wacapew.C!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\helen\Desktop\FRST64.exe; webfile:_C:\Users\helen\Desktop\FRST64.exe|https://download.bleepingcomputer.com/d ... 2851061308
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-14 21:22:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-05-13 17:18:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.486.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Dell Inc. 1.3.1 10/05/2020
Motherboard: Dell Inc. 0C6XG5
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8090.5 MB
Available physical RAM: 3802.19 MB
Total Virtual: 11162.5 MB
Available Virtual: 5900.02 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.56 GB) (Free:833.19 GB) NTFS

\\?\Volume{8f23e1a0-654d-4a77-b7ad-6fed692c9b5c}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.39 GB) NTFS
\\?\Volume{8ae861fd-f73d-40b7-945d-889735320419}\ (Image) (Fixed) (Total:13.36 GB) (Free:0.12 GB) NTFS
\\?\Volume{b3ce438a-2986-4c7b-bb18-44c9501e20c3}\ () (Fixed) (Total:1.12 GB) (Free:0.56 GB) NTFS
\\?\Volume{3ba28014-12b5-4a5b-ed52-46c4f65441b1}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:1.04 GB) NTFS
\\?\Volume{e1e36ce6-d7ba-4f2a-a585-a6fb65db55a1}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7BF277CB)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dominator
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 22 črc 2015 15:50

Re: Prosím o kontrolu logu

#3 Příspěvek od Dominator »

Dobrý den, adwcleanerem jsem to právě projel už v pátek, tak přikládám i log z prvního scanu + ten dnešní (první v pořadí).
Ještě doplňuji, že po tom prvním čištění co jsem dělal sám, je to dost lepší, ale pořád se mi to nezdá OK.
NTB někdy zamrzne i na půl minuty, když se nic neděje a využítí CPU na 100% s procesem "Systémové přerušení".
Četl jsem, že to můžou dělat ovladače, tak jsem všechny co jsem našel zaktualizoval, ale jak říkám furt se mi to uplně nezdá. Předem díky.

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2021
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted youndoo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3268 octets] - [21/05/2021 21:38:22]
AdwCleaner[C00].txt - [3537 octets] - [21/05/2021 21:41:27]
AdwCleaner[S01].txt - [1534 octets] - [23/05/2021 13:46:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########





# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-21-2021
# Duration: 00:00:45
# OS: Windows 10 Home
# Cleaned: 21
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\helen\AppData\Roaming\DRPSu

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\drpsu

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted youndoo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellHelp&Support Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\DELL HELP & SUPPORT
Deleted Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Classes\CLSID\{5CF37A65-BBB9-41FE-B88D-DD61422E9E3C}
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Deleted Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1DD6245-7E5C-44C4-8891-6F87310E6DAB}
Deleted Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Deleted Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3268 octets] - [21/05/2021 21:38:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dominator
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 22 črc 2015 15:50

Re: Prosím o kontrolu logu

#5 Příspěvek od Dominator »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2021
Ran by helen (administrator) on DESKTOP-CCEJ3K8 (Dell Inc. Inspiron 5567) (23-05-2021 19:27:45)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atiesrxx.exe
(Entertainment Experience LLC -> ) C:\Program Files\TrueColor\TrueColorALS.exe
(Entertainment Experience LLC -> Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxext.exe <2>
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19638160 2016-12-28] (Entertainment Experience LLC -> Entertainment Experience)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\helen\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-05-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {096FFE9C-E073-4D56-A4D5-17B919A56DD5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1117EE2D-E3D0-44CC-BBE1-2E46D36E2EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1480905E-B1C9-4B57-8E49-4AB52CD7FBBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1C3CA52D-CDBB-4E70-9B99-8DB218268217} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {373AA7E9-F660-4A96-B4E8-4A00CFFDD50E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A6C5144-8B43-4675-95CA-7F563FAD30C5} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3C5043DD-8893-4CD1-BC7B-7925960EF45C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1121152 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {48DA47BB-ACD3-48F2-98AE-47C3BF5F8549} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {56B17EB2-29E0-4520-9ADF-705FBD950BBA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5BBB844E-39F6-41E5-9992-286C4B80D454} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6669F19D-99A5-49BE-A0A0-ED1924906CCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BD37B09-CC5F-4B94-8135-5154270DD8BF} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6BEB5B84-8016-475E-8B07-D3D425D5E307} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {727AA9B4-E04E-4DBF-993D-E1603E47C881} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8475EE3D-3C04-4743-8D3D-6DE9FFB01313} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {CCA9C6E3-62B2-4BBA-A949-33ECD54802F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCFD5778-8C7A-4F80-AC7E-0187A2C0083C} - System32\Tasks\Opera scheduled Autoupdate 1621617730 => C:\Users\helen\AppData\Local\Programs\Opera\launcher.exe
Task: {FCC82AA3-C936-4838-8863-EB4077C4AC04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{810721c0-fa75-4977-b035-551a3d3a9a5a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\helen\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-23]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: p8ml5zkk.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\p8ml5zkk.default [2020-11-02]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-11-10] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release [2021-05-23]
FF Extension: (AdBlock — best ad blocker) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-11-20]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\rapportext@trusteer.com.xpi [2020-11-11] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2021-05-23]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.edarling.cz; hxxps://www.facebook.com; hxxps://www.luxor.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/webhp?source=search_app&g ... 8weO9oCICw
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-28]
CHR Extension: (Dokumenty) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-28]
CHR Extension: (Disk Google) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-18]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-11]
CHR Extension: (Space) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hifhddjdplehpbndiikdofeaopbimfmi [2020-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3008896 2020-08-18] (IBM -> IBM Corp.)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-05-23] (Razer USA Ltd. -> Razer Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14283048 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [93072 2016-12-12] (Entertainment Experience LLC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [27896 2021-05-19] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> )
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-07-27] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl4b000416; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5096F5A4-EDC2-40CB-B037-CAFC87B6C9D1}\MpKslDrv.sys [107744 2021-05-23] (Microsoft Windows -> Microsoft Corporation)
S1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [450240 2020-08-18] (IBM -> IBM Corp.)
S1 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2020-11-11] (IBM -> IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [546056 2020-08-18] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM -> IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [564928 2020-08-18] (IBM -> IBM Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-23 19:27 - 2021-05-23 19:29 - 000021380 _____ C:\Users\helen\Desktop\FRST.txt
2021-05-23 19:26 - 2021-05-23 19:26 - 002299904 _____ (Farbar) C:\Users\helen\Desktop\FRST64.exe
2021-05-23 19:16 - 2021-05-23 19:16 - 000000018 _____ C:\Users\helen\Desktop\Nový textový dokument.txt
2021-05-23 19:14 - 2021-05-23 19:14 - 002012160 _____ (Farbar) C:\Users\helen\Desktop\FRST.exe
2021-05-23 19:05 - 2021-05-23 19:11 - 000000000 ____D C:\Users\helen\AppData\Local\TeamViewer
2021-05-23 19:04 - 2021-05-23 19:04 - 000000895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-05-23 19:04 - 2021-05-23 19:04 - 000000883 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-05-23 19:04 - 2021-05-23 19:04 - 000000000 ____D C:\Users\helen\AppData\Roaming\TeamViewer
2021-05-23 19:03 - 2021-05-23 19:18 - 000000000 ____D C:\Program Files\TeamViewer
2021-05-23 19:02 - 2021-05-23 19:02 - 032159600 _____ (TeamViewer Germany GmbH) C:\Users\helen\Desktop\TeamViewer_Setup_x64.exe
2021-05-23 16:30 - 2021-05-23 16:30 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-05-23 16:30 - 2021-05-23 16:30 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-05-23 14:39 - 2021-05-23 14:39 - 000002089 _____ C:\Users\helen\Desktop\zaloha.cfg
2021-05-23 13:43 - 2021-05-23 13:43 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-22 09:21 - 2021-05-22 09:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-21 22:32 - 2021-05-23 19:28 - 000000000 ____D C:\FRST
2021-05-21 22:11 - 2021-05-21 22:11 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\helen\Desktop\rkill.exe
2021-05-21 22:11 - 2021-05-21 22:11 - 001790024 _____ (Malwarebytes) C:\Users\helen\Desktop\JRT.exe
2021-05-21 22:10 - 2021-05-21 22:10 - 005659583 _____ (Swearware) C:\Users\helen\Desktop\ComboFix.exe
2021-05-21 21:37 - 2021-05-21 21:40 - 000000000 ____D C:\AdwCleaner
2021-05-21 20:22 - 2021-05-21 20:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1621617730
2021-05-21 20:12 - 2021-05-21 20:12 - 000000000 _____ C:\WINDOWS\SysWOW64\d3dx11_42.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000222360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000219288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000127640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000104088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000084624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2021-05-21 20:08 - 1987-12-19 23:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2021-05-21 20:08 - 1987-12-19 23:00 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2021-05-21 20:07 - 1987-12-19 23:00 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2021-05-21 20:07 - 1987-12-19 23:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2021-05-21 20:06 - 1987-12-19 23:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2021-05-21 20:06 - 1987-12-19 23:00 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2021-05-21 20:05 - 1987-12-19 23:00 - 001070232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2021-05-21 20:05 - 1987-12-19 23:00 - 000660120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000444328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MShflxgd.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000279192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000259736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000179352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000131728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000119960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2021-05-21 20:04 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2021-05-21 20:04 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2021-05-21 20:03 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2021-05-21 20:03 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2021-05-21 20:03 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2021-05-21 20:02 - 1987-12-19 23:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2021-05-21 20:02 - 1987-12-19 23:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2021-05-21 20:01 - 1987-12-19 23:00 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2021-05-21 20:01 - 1987-12-19 23:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2021-05-21 20:01 - 1987-12-19 23:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2021-05-21 20:00 - 1987-12-19 23:00 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2021-05-21 20:00 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2021-05-21 19:59 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2021-05-21 19:59 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2021-05-21 19:59 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2021-05-21 19:58 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2021-05-21 19:58 - 1987-12-19 23:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2021-05-21 19:57 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2021-05-21 19:57 - 1987-12-19 23:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2021-05-21 19:57 - 1987-12-19 23:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 000617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libssl-1_1.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 000416408 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000218776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000212112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2021-05-21 19:55 - 1987-12-19 23:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2021-05-21 19:23 - 2021-05-23 15:48 - 000000000 ____D C:\Users\helen\AppData\Local\Opera Software
2021-05-21 19:21 - 2021-05-22 07:50 - 000000000 ____D C:\Chrone
2021-05-21 19:21 - 2021-05-21 19:21 - 000000000 ____D C:\Users\helen\AppData\Roaming\Opera Software
2021-05-21 19:20 - 2021-05-21 19:20 - 000000000 ____D C:\Users\helen\.cache
2021-05-21 18:57 - 2021-05-21 18:57 - 000000000 ____D C:\Users\helen\AppData\Roaming\Dell
2021-05-21 18:36 - 2021-05-21 18:36 - 000000000 ____D C:\Users\helen\AppData\Local\OO Software
2021-05-21 18:33 - 2021-05-21 18:34 - 001403760 _____ (O&O Software GmbH) C:\Users\helen\Desktop\OOSU10.exe
2021-05-21 18:18 - 2021-05-22 09:34 - 000000000 ____D C:\Users\helen\AppData\Local\CrashDumps
2021-05-21 18:17 - 2021-05-21 18:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\D3DSCache
2021-05-21 18:16 - 2021-05-21 18:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\AMD
2021-05-21 18:16 - 2021-05-21 18:16 - 000000000 ____D C:\Users\defaultuser100000\AppData\LocalLow\Intel
2021-05-21 18:15 - 2021-05-21 18:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Packages
2021-05-21 18:15 - 2021-05-21 18:15 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\VirtualStore
2021-05-21 18:14 - 2021-05-21 18:15 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Intel
2021-05-21 18:14 - 2021-05-21 18:15 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform
2021-05-21 18:14 - 2021-05-21 18:14 - 000000020 ___SH C:\Users\defaultuser100000\ntuser.ini
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Šablony
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Soubory cookie
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Poslední
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Okolní tiskárny
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Okolní síť
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Nabídka Start
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Dokumenty
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Obrázky
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Hudba
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Filmy
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Data aplikací
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Local\Data aplikací
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 __SHD C:\Users\defaultuser100000\IntelGraphicsProfiles
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Intel
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Users\defaultuser100000
2021-05-21 18:14 - 2020-11-30 18:19 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Intel Corporation
2021-05-21 18:14 - 2020-11-11 22:57 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Mozilla
2021-05-21 18:14 - 2020-11-11 22:55 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Trusteer
2021-05-21 18:14 - 2020-06-20 08:15 - 000000000 ___RD C:\Users\defaultuser100000\OneDrive
2021-05-21 18:14 - 2019-12-07 11:10 - 000001105 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-21 18:09 - 2021-05-21 18:09 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-05-21 18:09 - 2021-05-21 18:09 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-05-21 18:09 - 2021-05-21 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-05-21 18:09 - 2021-05-21 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-05-21 18:08 - 2021-05-21 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-05-21 18:07 - 2021-05-21 18:08 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-05-21 18:01 - 2021-05-21 18:16 - 000000000 ____D C:\ProgramData\AMD
2021-05-21 18:01 - 2021-05-21 18:05 - 000000000 ____D C:\Program Files\AMD
2021-05-21 18:01 - 2021-05-11 09:18 - 002261136 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2021-05-21 17:54 - 2021-05-21 17:54 - 000000000 ____D C:\WINDOWS\Panther
2021-05-21 17:45 - 2021-05-17 03:19 - 001857856 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001857856 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001438536 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001438536 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001093736 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 001093736 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000946904 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000946904 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000736576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000620864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000046400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000043328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000496448 _____ C:\WINDOWS\system32\GameManager64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000492864 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-05-21 17:45 - 2021-05-17 03:18 - 000432448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-05-21 17:45 - 2021-05-17 03:18 - 000379712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000346432 _____ C:\WINDOWS\system32\clinfo.exe
2021-05-21 17:45 - 2021-05-17 03:18 - 000245056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000212808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000186688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000166712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000166224 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000166208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000156480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000142144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000140600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000090432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000075072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000019880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000019880 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 081573696 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 067153744 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 005800768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 005520200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001748816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001535312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000821056 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-05-21 17:45 - 2021-05-17 03:17 - 000468304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000455992 _____ C:\WINDOWS\system32\atieah64.exe
2021-05-21 17:45 - 2021-05-17 03:17 - 000351552 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-05-21 17:45 - 2021-05-17 03:17 - 000182096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000158360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000135504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000125264 _____ C:\WINDOWS\system32\atidxx64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000115528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000107328 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000069952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 072481616 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 001685728 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 001365080 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000940880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000768336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000546872 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000489272 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000466256 _____ C:\WINDOWS\system32\amdlogum.exe
2021-05-21 17:45 - 2021-05-17 03:16 - 000379704 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000202144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000169696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000130336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000130336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-05-21 17:45 - 2021-05-17 03:15 - 000136000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-05-21 17:45 - 2021-05-17 03:15 - 000120344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-05-21 17:45 - 2021-05-11 09:01 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-05-21 17:45 - 2021-05-11 09:01 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-05-21 17:45 - 2021-05-11 08:59 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-05-21 17:45 - 2021-05-11 08:59 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-05-21 17:45 - 2021-05-11 08:59 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-05-21 17:45 - 2021-05-11 08:59 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-05-21 17:45 - 2021-05-11 08:55 - 059164696 _____ C:\WINDOWS\system32\amdxc64.so
2021-05-21 17:45 - 2021-05-11 07:53 - 000558136 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-05-21 17:45 - 2021-05-11 07:53 - 000558136 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-05-21 17:45 - 2021-04-30 15:53 - 000517536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2021-05-21 17:45 - 2021-04-30 15:53 - 000117448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2021-05-21 17:45 - 2020-12-08 22:15 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-05-21 17:45 - 2020-12-02 08:56 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-05-21 17:45 - 2020-10-22 06:36 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-05-21 17:45 - 2020-08-05 09:50 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-05-21 17:45 - 2020-07-27 09:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2021-05-21 17:45 - 2020-07-17 20:29 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-05-21 17:45 - 2020-05-22 17:23 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-05-21 17:45 - 2019-01-12 00:27 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-05-21 17:45 - 2016-09-02 17:24 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-05-21 17:45 - 2013-12-12 15:53 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-05-21 17:42 - 2021-05-21 17:42 - 000000000 ____D C:\Users\helen\AppData\Roaming\ATI
2021-05-21 17:41 - 2021-05-21 17:41 - 000000000 ____D C:\Users\helen\AppData\Local\RadeonInstaller
2021-05-21 17:41 - 2021-05-21 17:41 - 000000000 ____D C:\Users\helen\AppData\Local\AMD_Common
2021-05-21 17:38 - 2021-05-21 17:38 - 000000000 ____D C:\Users\helen\AppData\Local\mbam
2021-05-21 17:30 - 2021-05-21 17:30 - 000000000 ____D C:\Users\helen\AppData\Local\CrashRpt
2021-05-21 17:29 - 2021-05-21 17:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-05-21 17:21 - 2021-05-21 17:22 - 000388608 _____ (Trend Micro Inc.) C:\Users\helen\Desktop\HijackThis.exe
2021-05-20 18:50 - 2021-05-20 18:50 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-05-19 17:24 - 2021-05-19 17:24 - 000027896 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-05-15 08:32 - 2021-05-15 08:32 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-14 21:25 - 2021-05-14 21:25 - 000000000 ____D C:\Users\helen\Desktop\2021-05-14 omluvenka
2021-05-13 17:44 - 2021-05-13 17:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1911357360-3452808120-2699024319-1001
2021-05-13 17:43 - 2021-05-13 17:43 - 000002367 _____ C:\Users\helen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-12 21:28 - 2021-05-12 21:28 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 10:56 - 2021-05-12 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 10:56 - 2021-05-12 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 10:56 - 2021-05-12 10:56 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 10:56 - 2021-05-12 10:56 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 10:55 - 2021-05-12 10:55 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 10:55 - 2021-05-12 10:55 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 10:55 - 2021-05-12 10:55 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 10:55 - 2021-05-12 10:55 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 10:55 - 2021-05-12 10:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 10:55 - 2021-05-12 10:55 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 10:54 - 2021-05-12 10:54 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 10:54 - 2021-05-12 10:54 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-07 11:53 - 2021-05-07 11:56 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-05-04 21:32 - 2021-05-04 21:40 - 000000000 ____D C:\Users\helen\Desktop\cesta PH
2021-05-04 16:41 - 2021-03-12 17:05 - 001034104 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2021-05-04 16:41 - 2021-03-12 17:05 - 000024952 _____ C:\WINDOWS\system32\RstMwEventLogMsg.dll
2021-05-04 16:36 - 2021-04-18 23:08 - 001149432 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-05-04 16:13 - 2021-02-18 21:31 - 009916312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2021-05-04 16:13 - 2021-02-18 21:31 - 000453560 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2021-04-27 19:51 - 2021-05-23 14:41 - 107216896 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-25 10:06 - 2021-04-25 10:06 - 000000000 ____D C:\Users\helen\Desktop\NJ
2021-04-23 16:54 - 2021-04-23 16:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-23 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-23 18:59 - 2020-12-22 15:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-23 17:21 - 2021-03-16 20:37 - 000015840 _____ C:\Users\helen\Desktop\Fenologické pozorování.ods
2021-05-23 16:26 - 2018-05-02 19:17 - 000000000 __SHD C:\Users\helen\IntelGraphicsProfiles
2021-05-23 14:48 - 2020-11-20 23:40 - 000000000 ____D C:\Program Files\CCleaner
2021-05-23 14:42 - 2020-12-22 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-23 14:42 - 2020-12-22 15:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-23 14:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-23 14:42 - 2017-09-28 22:14 - 000000000 ____D C:\Intel
2021-05-23 14:41 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-23 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-23 13:43 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-22 17:38 - 2020-10-28 13:16 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-22 17:38 - 2020-10-28 13:16 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-22 17:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-22 11:43 - 2020-10-28 16:12 - 000000000 ____D C:\Users\helen\AppData\Local\Packages
2021-05-22 07:16 - 2020-10-28 16:12 - 000000000 ____D C:\Users\helen\AppData\Local\VirtualStore
2021-05-21 22:31 - 2021-03-01 18:25 - 000000000 ____D C:\filmy
2021-05-21 22:00 - 2020-10-28 16:16 - 000000000 ____D C:\Users\helen\AppData\Local\D3DSCache
2021-05-21 21:41 - 2017-09-28 22:17 - 000000000 ____D C:\ProgramData\Dell
2021-05-21 21:41 - 2017-09-28 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-21 21:41 - 2017-09-28 22:10 - 000000000 ____D C:\Program Files\Dell
2021-05-21 20:17 - 2020-10-28 12:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-21 20:12 - 2020-12-22 16:08 - 000000000 ____D C:\Users\helen
2021-05-21 19:08 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-21 18:19 - 2020-10-28 16:21 - 000000000 ____D C:\Users\helen\AppData\Local\cache
2021-05-21 18:18 - 2020-10-28 16:15 - 000000000 ____D C:\Users\helen\AppData\Local\AMD
2021-05-21 18:08 - 2020-10-28 12:59 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-05-21 17:51 - 2018-06-12 22:46 - 000000000 ____D C:\AMD
2021-05-21 15:55 - 2021-03-14 22:02 - 000000000 ____D C:\Users\helen\AppData\Roaming\Waves Audio
2021-05-20 18:50 - 2020-09-12 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-20 18:49 - 2017-09-28 22:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-19 21:30 - 2020-09-06 14:14 - 000000000 ____D C:\Users\helen\Desktop\SLŠ Žlutice
2021-05-15 08:35 - 2020-10-28 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 21:26 - 2019-11-12 19:24 - 000000000 ____D C:\Users\helen\AppData\LocalLow\Mozilla
2021-05-14 21:04 - 2020-12-22 16:21 - 002575540 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-14 21:04 - 2020-12-22 14:30 - 000733960 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-14 21:04 - 2020-12-22 14:30 - 000150344 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-14 21:04 - 2019-12-07 16:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-14 21:04 - 2019-12-07 16:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-14 20:48 - 2020-01-16 20:01 - 000000000 ____D C:\Users\helen\Desktop\fotky
2021-05-14 20:47 - 2019-03-20 21:08 - 000000000 ___RD C:\Users\helen\Desktop\Helen
2021-05-13 17:43 - 2018-05-02 19:25 - 000000000 ___RD C:\Users\helen\OneDrive
2021-05-12 21:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-12 21:24 - 2020-12-22 14:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-05-12 21:24 - 2020-12-22 14:18 - 000000000 ____D C:\WINDOWS\en-GB
2021-05-12 21:24 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 11:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 09:55 - 2020-10-30 18:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 09:51 - 2020-10-30 18:54 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 07:28 - 2020-10-28 16:50 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-11 07:28 - 2020-10-28 16:50 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-07 11:55 - 2020-10-28 12:58 - 000000000 ____D C:\ProgramData\Intel
2021-05-07 11:53 - 2020-10-28 12:58 - 000000000 ____D C:\Program Files\Intel
2021-05-05 14:20 - 2017-09-28 22:10 - 000000000 ____D C:\ProgramData\PCDr
2021-05-05 10:22 - 2018-05-04 21:54 - 000000000 ___RD C:\Users\helen\Desktop\dokumenty
2021-04-27 19:51 - 2021-02-24 22:22 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-26 16:32 - 2021-01-20 18:55 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d86da316bc61
2021-04-26 16:32 - 2020-12-22 16:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 21:30 - 2018-09-14 20:58 - 000000000 ___RD C:\Users\helen\Documents\Scanned Documents
2021-04-23 16:33 - 2020-11-17 11:41 - 000000000 ____D C:\Users\helen\Desktop\Holý

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\d3dx11_42.dll [2021-05-21] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2021
Ran by helen (23-05-2021 19:30:23)
Running from C:\Users\helen\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2020-12-22 14:43:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1911357360-3452808120-2699024319-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1911357360-3452808120-2699024319-503 - Limited - Disabled)
Guest (S-1-5-21-1911357360-3452808120-2699024319-501 - Limited - Disabled)
helen (S-1-5-21-1911357360-3452808120-2699024319-1001 - Administrator - Enabled) => C:\Users\helen
WDAGUtilityAccount (S-1-5-21-1911357360-3452808120-2699024319-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
Branding64 (HKLM\...\{871DA3E4-7743-4CDB-B95E-995DA5DA9B23}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2004.84 - Trusteer)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2004.84 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
True Color (HKLM\...\{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}) (Version: 1.0.1.1 - Entertainment Experience LLC) Hidden
True Color (HKLM-x32\...\{c38d939e-31d4-44fa-a07a-d28915046b7d}) (Version: 7.9.0.0 - Entertainment Experience)
True Color XML Tables (HKLM\...\{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}) (Version: 7.10.0.0 - Entertainment Experience LLC) Hidden
TrueColorXMLTables (HKLM-x32\...\{bf377b78-c440-4ce9-a962-2fde04e6d4cd}) (Version: 7.10.0.0 - Entertainment Experience)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\db6ea5db.mediasuiteessentialsfordell_2.6.4028.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-12] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-28] (Netflix, Inc.)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-08] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\db6ea5db.power2gofordell_11.0.3920.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\db6ea5db.powerdirectorfordell_15.0.4409.0_x64__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-10-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-07-18 16:27 - 2018-07-18 16:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\helen\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\5542778-vypravny_spiralovita_galaxie_spiral_galaxy_ngc_5643.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7758BC82-DA89-4397-96FD-B94C956383EE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{392676CE-5B65-40E3-9A0F-1289C7D57E6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DA300A6-DEBC-42F6-BC35-F977BB8329A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B85A59F3-77C5-4172-BE9D-A6994C0720A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A67BD598-88A4-4874-A561-54A5F8BF48CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCD4163A-EA7A-422A-B169-4F2B705E8AD7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98A93CD0-21D5-42A4-B52F-2BB45FE687EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DC8D434-3C5A-45F4-86AB-70A69E9F7F66}] => (Allow) C:\Users\helen\AppData\Local\Temp\DriverPack-20210521191155\tools\aria2c.exe () [File not signed]
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe => No File
FirewallRules: [{6FD38925-5D95-4309-BD0A-FA13A55CD391}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B586F1EE-047F-4C88-BD3C-B9D0998C2295}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CDC31E0-83E8-4778-A223-2BD56B42B3BB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BD457F6-659B-4A9A-A663-A3B18495A264}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F3DA4B5F-A5DF-41DC-B8FD-E248A8547BA4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

21-05-2021 17:46:14 AMDCleanupUtility Restore Point
21-05-2021 21:38:55 AdwCleaner_BeforeCleaning_21/05/2021_21:38:55
21-05-2021 22:11:54 JRT Pre-Junkware Removal
22-05-2021 07:51:46 Removed SmartByte Drivers and Services.
22-05-2021 11:34:30 Removed SmartByte Drivers and Services.
22-05-2021 11:38:23 Removed SmartByte Drivers and Services.
23-05-2021 14:32:37 O&O ShutUp10

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4


System errors:
=============
Error: (05/23/2021 02:41:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (05/23/2021 02:41:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (05/23/2021 02:41:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (05/23/2021 01:48:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/23/2021 01:48:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/23/2021 01:48:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Wizard Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/23/2021 01:48:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/23/2021 01:48:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TrueColorALS byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-05-23 19:13:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 6224393405
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1261.0, AS: 1.339.1261.0, NIS: 1.339.1261.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-23 19:13:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 6047847088
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1261.0, AS: 1.339.1261.0, NIS: 1.339.1261.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:28:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\filmy\FRST.exe; webfile:_C:\Users\helen\Desktop\filmy\FRST.exe|https://download.bleepingcomputer.com/d ... 4886946956
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:27:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4679758296
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:10:14
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4127603958
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-14 21:22:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-05-13 17:18:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.486.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Dell Inc. 1.3.1 10/05/2020
Motherboard: Dell Inc. 0C6XG5
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 8090.5 MB
Available physical RAM: 3832.74 MB
Total Virtual: 11162.5 MB
Available Virtual: 5454 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.56 GB) (Free:828.35 GB) NTFS

\\?\Volume{8f23e1a0-654d-4a77-b7ad-6fed692c9b5c}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.39 GB) NTFS
\\?\Volume{8ae861fd-f73d-40b7-945d-889735320419}\ (Image) (Fixed) (Total:13.36 GB) (Free:0.12 GB) NTFS
\\?\Volume{b3ce438a-2986-4c7b-bb18-44c9501e20c3}\ () (Fixed) (Total:1.12 GB) (Free:0.56 GB) NTFS
\\?\Volume{3ba28014-12b5-4a5b-ed52-46c4f65441b1}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:1.04 GB) NTFS
\\?\Volume{e1e36ce6-d7ba-4f2a-a585-a6fb65db55a1}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7BF277CB)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
FCheck: C:\WINDOWS\SysWOW64\d3dx11_42.dll [2021-05-21] <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dominator
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 22 črc 2015 15:50

Re: Prosím o kontrolu logu

#7 Příspěvek od Dominator »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2021
Ran by helen (24-05-2021 16:12:22) Run:1
Running from C:\Users\helen\Desktop
Loaded Profiles: helen &
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
FCheck: C:\WINDOWS\SysWOW64\d3dx11_42.dll [2021-05-21] <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e361b08-792b-11eb-a643-bca8a6dcbb25} => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FDAEE44-32D6-4BB9-BC73-ED380D146DA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FDAEE44-32D6-4BB9-BC73-ED380D146DA5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{969B3B9F-1EBB-4323-A9C9-8ED9F0E18716}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{969B3B9F-1EBB-4323-A9C9-8ED9F0E18716}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\WINDOWS\SysWOW64\d3dx11_42.dll => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B45287CD-5758-4DF0-BBDB-FA55FA8410E5} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{069992CF-0543-424B-BF51-7A2A47FB7559}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18050115-626F-4DA8-889A-E1D692993215}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22206598 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 15424510 B
Edge => 0 B
Chrome => 446058370 B
Firefox => 9870817 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 4709250 B
systemprofile32 => 4709250 B
LocalService => 4709250 B
NetworkService => 25966326 B
helen => 662142088 B
defaultuser100000 => 662148744 B

RecycleBin => 17239 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:13:26 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Dominator
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 22 črc 2015 15:50

Re: Prosím o kontrolu logu

#9 Příspěvek od Dominator »

Ano je to mnohem lepší. Děkuji

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#10 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno