
Please check my log


#1 Post by bonapart »

Hello,
please check my log, my processor is constantly running at 45%, even after closing all applications. Thanks, Milan


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by HP (20-08-2021 17:18:05)
Running from C:\Users\HP\Desktop
Windows 10 Pro Version 21H1 19043.1165 (X64) (2021-04-05 16:57:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1259765519-2013090550-2787584750-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1259765519-2013090550-2787584750-503 - Limited - Disabled)
Guest (S-1-5-21-1259765519-2013090550-2787584750-501 - Limited - Disabled)
HP (S-1-5-21-1259765519-2013090550-2787584750-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1259765519-2013090550-2787584750-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Endpoint Security (Disabled - Out of date) {A37DD4B2-BDFF-70DA-DE19-9F9927D6940F}
FW: McAfee Endpoint Security (Enabled) {9B465597-F790-7182-F546-36ACD905D374}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{560E7B2D-43A3-4A2C-B578-44525724B639}) (Version: 4.16.4.4300 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{6919d361-5a00-4c44-a3be-f5033ff85337}) (Version: 4.16.4.4300 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
Apowersoft Video Stahovač V6.4.7 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.7 - APOWERSOFT LIMITED)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
McAfee Agent (HKLM\...\{F01CC7C9-9545-494A-9A8E-F52037F8BE8E}) (Version: 5.6.1.308 - McAfee, Inc.) Hidden
McAfee Agent (HKLM-x32\...\McAfeeAgent) (Version: 5.6.1.308 - McAfee, Inc.)
McAfee Data Exchange Layer for MA (HKLM\...\{FEE8AD9B-C4D7-4F07-89AC-88C28E2B8809}) (Version: 5.0.10249.0 - McAfee LLC) Hidden
McAfee Data Exchange Layer for MA (HKLM-x32\...\{a3f1e826-e1b0-460f-8113-6624beacab1b}) (Version: 5.0.1.249 - McAfee LLC) Hidden
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{377DA1C7-79DE-4102-8DB7-5C2296A3E960}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Firewall (HKLM\...\{6F88C6E9-CAD0-4D03-99E1-161383F9AD6F}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Platform (HKLM\...\{B16DE18D-4D5D-45F8-92BD-8DC17225AFD8}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{820D7600-089E-486B-860F-279B8119A893}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Web Control (HKLM\...\{5974413A-8D95-4D64-B9EE-40DF28186445}) (Version: 10.7.0 - McAfee, LLC.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Ltd.)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4A) (Version: 4.00 - MetaQuotes Ltd.)
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 2.9.2 (HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.9.2 - Telegram FZ-LLC)
TLauncher (HKLM-x32\...\TLauncher2.8) (Version: 2.8 - TLauncher Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
Zoom (HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)

Packages:
=========
Audio Controls -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.AudioControls_1.3.97.0_x64__qt57b6kdvhcfw [2020-12-15] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.583.0_x64__v10z8vjag6ke6 [2021-08-17] (HP Inc.)
McAfee Endpoint Security Web Control -> C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2021-07-08] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-07] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-08] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-21] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-07-21 20:48 - 2021-07-21 20:48 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-07-06 13:08 - 2010-09-26 20:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2021-07-06 13:08 - 2010-09-28 12:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2021-07-06 13:08 - 2010-06-21 15:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2021-07-06 13:08 - 2010-09-28 13:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2021-07-06 13:08 - 2010-06-21 15:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2021-07-06 13:08 - 2010-06-10 15:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2021-07-06 13:08 - 2010-05-18 17:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-12-15] (HP Inc. -> HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-12-15] (HP Inc. -> HP Inc.)
Toolbar: HKLM - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM-x32 - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "IMMON"
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{EA531C22-5075-4FA8-8FCB-237A6921AC2A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F5E713D6-67AD-4EE0-80BA-1DCD5A283A98}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [{CB976A41-BBB7-4AAE-A372-C7E3BCD7549D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{76891230-6DD7-46C6-86CB-35E274CA52E1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{FC6E8F25-FE40-4F58-AE25-50EB2C679ED6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{D7FD6108-CCEF-4A15-A060-838E4D2D76C8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{3973047C-6555-49B5-A26E-EA5862F24F25}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B19A00FD-6936-481E-9B1D-1335161C82BD}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{423FD33E-3D55-4D87-A164-785390F0716B}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{BE5E63E0-2AB4-4F20-97B0-60E6C6D9331B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{B86F36E8-86C3-4C26-A9AE-AEB5ACD80FC2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [{FAB2E1B4-0B8F-4C68-B20D-C0DE3615B73A}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{8195DA2D-AD9D-4950-ABA4-5D0E6A5CC99E}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{AF8BC8C7-D886-4315-8A1F-B2BB47E2B682}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{CCFF77A0-78F2-46D7-BAB0-9DB3144653F1}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{67300863-E246-407D-8DC4-5548CBDB1E43}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{E801902F-F82A-4D35-A059-4262424DD5F8}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{FB55E9A4-59A7-4DB5-AD64-A6C0B65C28BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77400F50-F131-4E9B-98B4-B861511289CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{948905F4-5204-48E1-ABA5-1FCFF82E701E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CCA5F8E-02CB-4D97-80FD-A3716C2C020A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A47BDE2E-C256-47F4-9A22-B939AB927F35}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-08-2021 09:04:22 Naplánovaný kontrolní bod
11-08-2021 19:52:15 Instalační služba modulů systému Windows
11-08-2021 20:12:26 Instalační služba modulů systému Windows
11-08-2021 20:12:49 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/19/2021 06:58:55 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 06:58:55 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 06:58:55 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 06:58:55 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 06:58:55 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\0, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 06:58:55 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 04:07:41 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/19/2021 04:07:41 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.


System errors:
=============
Error: (08/18/2021 09:33:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NP6ME1M)
Description: Server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:32:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NP6ME1M)
Description: Server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:32:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NP6ME1M)
Description: Server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:26:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:11:43, ‎18.‎08.‎2021) bylo neočekávané.

Error: (08/17/2021 07:02:46 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (08/16/2021 06:06:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NP6ME1M)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/13/2021 12:27:23 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (08/13/2021 12:27:22 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.


Windows Defender:
================
Date: 2021-08-19 16:07:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_F:\rcsetup153.exe; file:_F:\rcsetup153.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
Verze bezpečnostních informací: AV: 1.347.24.0, AS: 1.347.24.0, NIS: 1.347.24.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-12 21:50:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9A33D1C3-E9C8-4AD2-B4DB-50C7D5D42D9B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-08 09:17:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.343.601.0, AS: 1.343.601.0, NIS: 1.343.601.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-08 09:17:37
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.343.601.0, AS: 1.343.601.0, NIS: 1.343.601.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-08 09:17:36
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMSEmulator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.343.601.0, AS: 1.343.601.0, NIS: 1.343.601.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-05 14:30:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

CodeIntegrity:
===============
Date: 2021-08-20 16:06:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Windows signing level requirements.

Date: 2021-08-20 15:57:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: HP R01 Ver. 02.09.00 04/15/2021
Motherboard: HP 8591
Processor: Intel(R) Core(TM) i7-9700 CPU @ 3.00GHz
Percentage of memory in use: 14%
Total physical RAM: 32542.29 MB
Available physical RAM: 27974.45 MB
Total Virtual: 37406.29 MB
Available Virtual: 31046.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.24 GB) (Free:497.25 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:320.29 GB) NTFS

\\?\Volume{a5d7af93-f056-4206-aa41-e825abf07910}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b439ff86-770c-486c-a989-8a1f3b93c28e}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by HP (administrator) on DESKTOP-NP6ME1M (HP HP EliteDesk 800 G5 TWR) (20-08-2021 17:14:59)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP
Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_65c4bc64f64422d8\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\SysInfoCap.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c0fd909ca6e7d672\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_667c6615c75bd143\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ec81fa442e167535\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ec81fa442e167535\IntelCpHeciSvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Endpoint Security Platform\mfeesp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Firewall\mfefw.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfeensppl.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [654112 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\WINDOWS\system32\xrxs1l6.dll [22016 2007-03-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {019DF963-52F5-4789-BBA2-4936CAB59C89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {147ED47F-4A11-4BB1-87DD-3B7BB5CBB484} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-08] (HP Inc. -> HP Inc.)
Task: {1713C1A3-25B4-4046-8A2A-51A610DE6BD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D065E48-C57A-43E0-9361-01C5FBF0BA2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {270245C4-59B8-4628-A88E-47B92C8F27A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4426B3E3-F860-4B09-8477-E4D510D957FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {650A9C76-3379-4495-9205-59B749D926D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {6E587A5E-491D-4123-A852-78024F03C76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {7EA77A7C-2E74-4801-B40F-D1ACB1C07786} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {B228B141-5F8E-4CC3-9D03-A428FFEC2FF3} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\Engine\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-07-08] (McAfee, Inc. -> McAfee, LLC.)
Task: {D87D2CA1-A433-4869-B0F3-B128006B1481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e52b45c8-1257-4cba-8186-bd5110ce7b9b}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-20]
Edge DownloadDir: Default -> C:\Users\HP\Desktop
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Extension: (McAfee Endpoint Security Web Control) - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi [2019-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-08-20]
CHR DownloadDir: C:\Users\HP\Desktop
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-10]
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-10]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-10]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2021-07-25]
CHR Extension: (Adobe Acrobat) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-10]
CHR Extension: (Tabulky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-10]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28]
CHR HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jjkchpdmjjdmalgembblgafllbpcjlei] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mcchplg.crx [2019-10-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [85496 2020-07-03] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [123232 2020-07-03] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\AppHelperCap.exe [738376 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\DiagsCap.exe [735824 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\NetworkCap.exe [735808 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\SysInfoCap.exe [737360 2021-06-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_65c4bc64f64422d8\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.)
R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [241456 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [179552 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [261640 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R2 mfewc; C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe [319792 2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107440 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2021-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfeepmpk; C:\WINDOWS\System32\drivers\mfeepmpk.sys [226432 2021-07-08] (McAfee, Inc. -> McAfee, LLC.)
S3 MfeEpNfcp; C:\WINDOWS\System32\drivers\MfeEpNfcp.sys [91400 2021-08-05] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [89520 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2021-07-08] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2021-07-08] (McAfee, Inc. -> McAfee LLC.)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82352 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-07-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-20 17:14 - 2021-08-20 17:15 - 000022340 _____ C:\Users\HP\Desktop\FRST.txt
2021-08-20 17:14 - 2021-08-20 17:15 - 000000000 ____D C:\FRST
2021-08-20 17:12 - 2021-08-20 17:12 - 002300416 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2021-08-20 12:30 - 2021-08-20 12:30 - 000000000 ____D C:\Users\HP\Desktop\NA EXTERAK A FLASH
2021-08-19 21:10 - 2021-08-20 12:06 - 322699001 _____ C:\Users\HP\Desktop\Webinář Strategie využávající volatility na trzích podle Vaška Husníka (19.8.2021).mp4
2021-08-19 12:07 - 2021-08-19 12:07 - 000002112 _____ C:\Users\HP\Desktop\22-6-2021_SUPER_ENG – zástupce.lnk
2021-08-15 10:42 - 2021-08-15 10:47 - 829570027 _____ C:\Users\HP\Desktop\a Webinář Strategie na scalping DAXu podle Jardy Tupého (12.8.2021).mp4
2021-08-13 17:02 - 2021-08-13 17:02 - 111193198 _____ C:\Users\HP\Desktop\2019_02_25_SDIV_Trading.mp4
2021-08-11 20:34 - 2021-08-12 12:37 - 000000000 ____D C:\Users\HP\Desktop\AUTAŘI
2021-08-11 20:17 - 2021-08-11 20:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 20:17 - 2021-08-11 20:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 20:17 - 2021-08-11 20:17 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 20:17 - 2021-08-11 20:17 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 20:16 - 2021-08-11 20:16 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 20:16 - 2021-08-11 20:16 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 20:16 - 2021-08-11 20:16 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 20:12 - 2021-08-11 20:12 - 000000000 ___HD C:\$WinREAgent
2021-08-05 20:40 - 2021-08-05 20:40 - 000000000 ____D C:\Users\HP\Desktop\italie
2021-08-03 18:15 - 2021-08-20 12:29 - 000000000 ____D C:\Users\HP\Desktop\MOJE OBCHODY
2021-08-02 22:21 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-08-01 21:33 - 2021-08-01 21:33 - 000001365 _____ C:\Users\HP\Desktop\Mauritanec Denik z Guantanama (2021) 1080p CZ dabing – zástupce.lnk
2021-08-01 18:13 - 2021-08-01 19:46 - 000000000 ____D C:\Users\HP\AppData\Roaming\.minecraft
2021-08-01 18:13 - 2021-08-01 19:23 - 000000000 ____D C:\Users\HP\AppData\Roaming\.tlauncher
2021-08-01 18:13 - 2021-08-01 18:13 - 000001934 _____ C:\Users\Public\Desktop\TLauncher.lnk
2021-08-01 18:13 - 2021-08-01 18:13 - 000000000 ____D C:\Users\HP\AppData\Roaming\java
2021-08-01 18:13 - 2021-08-01 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2021-08-01 18:11 - 2021-08-01 18:11 - 019711840 _____ (TLauncher Inc.) C:\Users\HP\Desktop\TLauncher-2.8-Installer-0.8.exe
2021-07-30 09:02 - 2021-08-15 11:00 - 000000000 ____D C:\Users\HP\Desktop\Standa škola
2021-07-29 12:15 - 2021-07-29 12:15 - 013786860 _____ C:\Users\HP\Desktop\PT-ebook-strategie-all-cz.pdf
2021-07-28 18:09 - 2021-08-05 13:17 - 000001204 _____ C:\Users\HP\Desktop\SEZONOST TTW – zástupce.lnk
2021-07-27 13:29 - 2021-07-27 13:29 - 000001994 _____ C:\Users\HP\Desktop\A 0B6E90BE81EB288F3A77D23FA7D8075C – zástupce.lnk
2021-07-27 13:18 - 2021-07-27 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purple Trading MT4A
2021-07-27 13:18 - 2021-07-27 13:18 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4A
2021-07-25 00:25 - 2020-12-18 10:08 - 004154560 _____ C:\Users\HP\Desktop\HP PC.pdf
2021-07-23 17:06 - 2021-07-29 11:44 - 000000000 ____D C:\Users\HP\Desktop\GIF
2021-07-21 20:53 - 2021-07-21 20:53 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-21 20:53 - 2021-07-21 20:53 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-21 20:53 - 2021-07-21 20:53 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-21 20:53 - 2021-07-21 20:53 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-20 17:06 - 2021-07-05 14:21 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-20 15:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-20 15:56 - 2020-12-15 18:21 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2021-08-20 14:02 - 2021-07-10 12:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-20 13:35 - 2021-04-05 18:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-20 08:21 - 2021-07-05 19:10 - 000000000 ____D C:\Program Files\CCleaner
2021-08-19 22:35 - 2021-04-05 18:58 - 001693656 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-19 22:35 - 2019-12-07 16:43 - 000716894 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-19 22:35 - 2019-12-07 16:43 - 000145072 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-19 22:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-19 22:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-19 21:19 - 2021-04-05 18:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-19 21:19 - 2021-04-05 18:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-19 21:19 - 2020-12-15 18:21 - 000000000 ____D C:\Intel
2021-08-19 21:19 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-19 21:19 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-19 19:32 - 2021-07-08 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-19 08:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-19 07:27 - 2021-07-05 14:22 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-17 18:41 - 2021-04-05 18:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-08-17 11:42 - 2020-12-15 18:13 - 000000000 ____D C:\Users\HP\AppData\Local\VirtualStore
2021-08-15 22:04 - 2021-04-05 18:56 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-15 22:04 - 2021-04-05 18:56 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-14 09:24 - 2021-03-17 15:33 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-13 10:25 - 2021-07-05 16:43 - 000000000 ____D C:\Users\HP\AppData\Roaming\Telegram Desktop
2021-08-12 21:39 - 2020-12-15 18:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-12 08:38 - 2020-12-15 18:13 - 000000000 ____D C:\Users\HP\AppData\Local\ConnectedDevicesPlatform
2021-08-12 08:20 - 2020-12-15 18:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-12 08:19 - 2021-07-08 09:34 - 000000000 ____D C:\Quarantine
2021-08-12 08:14 - 2021-04-05 18:54 - 000476720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-12 08:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-12 08:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 20:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-11 19:52 - 2020-12-15 18:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-11 19:50 - 2020-12-15 18:30 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-10 17:55 - 2020-12-15 18:13 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2021-08-09 06:55 - 2021-04-05 18:56 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1259765519-2013090550-2787584750-1001
2021-08-09 06:55 - 2021-04-05 18:50 - 000002372 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:39 - 2021-07-10 15:44 - 000000954 _____ C:\Users\HP\Desktop\FOTO VYTŘÍDIT – zástupce.lnk
2021-08-05 20:35 - 2021-07-10 15:48 - 000000900 _____ C:\Users\HP\Desktop\karta 2 – zástupce.lnk
2021-08-05 18:42 - 2021-07-10 15:45 - 000000918 _____ C:\Users\HP\Desktop\foto 2021 – zástupce.lnk
2021-08-05 10:13 - 2021-07-05 16:45 - 000000000 ____D C:\Users\HP\Downloads\Telegram Desktop
2021-08-05 00:05 - 2021-07-08 09:34 - 000091400 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\MfeEpNfcp.sys
2021-08-04 20:03 - 2020-12-15 18:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-04 20:00 - 2021-07-05 14:21 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-04 20:00 - 2021-07-05 14:21 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-03 18:18 - 2021-07-10 16:00 - 000001015 _____ C:\Users\HP\Desktop\Standa – zástupce.lnk
2021-08-03 18:18 - 2021-07-10 15:38 - 000000878 _____ C:\Users\HP\Desktop\BURZY – zástupce.lnk
2021-08-02 18:44 - 2021-07-10 14:04 - 000000756 _____ C:\Users\HP\Desktop\PLOCHA C.lnk
2021-08-01 18:14 - 2021-03-17 16:22 - 000000000 ____D C:\Users\HP\AppData\Local\D3DSCache
2021-07-30 15:51 - 2021-07-05 16:53 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-27 13:30 - 2021-07-10 12:56 - 000000000 ____D C:\Users\HP\Desktop\AAA DOKUMENTY
2021-07-27 13:21 - 2021-07-05 17:02 - 000000000 ___RD C:\Users\HP\Desktop\NÁSTROJE
2021-07-27 13:18 - 2021-07-05 19:35 - 000000000 ____D C:\Users\HP\AppData\Roaming\MetaQuotes
2021-07-27 08:49 - 2021-07-10 16:32 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4
2021-07-22 12:25 - 2021-07-10 14:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\vlc
2021-07-22 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-21 20:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-21 20:54 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-21 14:15 - 2021-07-05 16:26 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-07-21 14:15 - 2021-07-05 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-07-21 14:15 - 2021-07-05 16:26 - 000000000 ____D C:\Program Files (x86)\Java

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#3 Post by bonapart »

Hello, it did not offer me the cleaning function at all. It found preinstalled software from HP, which I had to put into quarantine, otherwise it would not go any further. I just don't know how important the HP things I have now made inaccessible are. Something to do with support... Should I restore it from quarantine? Thanks, Milan

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\HP\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2523 octets] - [22/08/2021 18:24:19]
AdwCleaner[S01].txt - [2584 octets] - [22/08/2021 18:27:01]
AdwCleaner[S02].txt - [2645 octets] - [22/08/2021 18:27:58]
AdwCleaner[S03].txt - [2706 octets] - [22/08/2021 18:30:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#4 Post by bonapart »

The processor is still running at 45%; it seems to me as if I had installed some crypto mining.

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#5 Post by bonapart »

Now it has stopped, the processor is under no load and it looks OK, but I don't know how important the HP things I put into quarantine are.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

We will finish the clean-up. Post new FRST + Addition logs.

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#7 Post by bonapart »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by HP (administrator) on DESKTOP-NP6ME1M (HP HP EliteDesk 800 G5 TWR) (22-08-2021 19:26:27)
Running from C:\Users\HP\Desktop\Nová složka
Loaded Profiles: HP
Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_65c4bc64f64422d8\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\SysInfoCap.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c0fd909ca6e7d672\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_667c6615c75bd143\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ec81fa442e167535\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ec81fa442e167535\IntelCpHeciSvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfecanary.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewch.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Endpoint Security Platform\mfeesp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Firewall\mfefw.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfeensppl.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [654112 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\WINDOWS\system32\xrxs1l6.dll [22016 2007-03-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {019DF963-52F5-4789-BBA2-4936CAB59C89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {147ED47F-4A11-4BB1-87DD-3B7BB5CBB484} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-08] (HP Inc. -> HP Inc.)
Task: {650A9C76-3379-4495-9205-59B749D926D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {6E587A5E-491D-4123-A852-78024F03C76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {7EA77A7C-2E74-4801-B40F-D1ACB1C07786} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D87D2CA1-A433-4869-B0F3-B128006B1481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {F3EF546D-CEE7-4344-B1BC-861FF69B62D7} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\Engine\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-07-08] (McAfee, Inc. -> McAfee, LLC.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e52b45c8-1257-4cba-8186-bd5110ce7b9b}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-22]
Edge DownloadDir: Default -> C:\Users\HP\Desktop
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Extension: (McAfee Endpoint Security Web Control) - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi [2019-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-08-22]
CHR DownloadDir: C:\Users\HP\Desktop
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-10]
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-10]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-10]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2021-07-25]
CHR Extension: (Adobe Acrobat) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-10]
CHR Extension: (Tabulky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-10]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28]
CHR HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jjkchpdmjjdmalgembblgafllbpcjlei] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mcchplg.crx [2019-10-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [85496 2020-07-03] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [123232 2020-07-03] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\AppHelperCap.exe [738376 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\DiagsCap.exe [735824 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\NetworkCap.exe [735808 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4912fd66e61a0fda\x64\SysInfoCap.exe [737360 2021-06-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_65c4bc64f64422d8\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.)
R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [241456 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [179552 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [261640 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R2 mfewc; C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe [319792 2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107440 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2021-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfeepmpk; C:\WINDOWS\System32\drivers\mfeepmpk.sys [226432 2021-07-08] (McAfee, Inc. -> McAfee, LLC.)
S3 MfeEpNfcp; C:\WINDOWS\System32\drivers\MfeEpNfcp.sys [91400 2021-08-05] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [89520 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2021-07-08] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2021-07-08] (McAfee, Inc. -> McAfee LLC.)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82352 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2021-07-08] (McAfee, Inc. -> McAfee, LLC)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-07-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-08-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-22 19:05 - 2021-08-22 19:24 - 366046882 _____ C:\Users\HP\Desktop\Koktejl-Romantický,Komedie-1988-CZ-adriatic.avi.3729304375170110396.part
2021-08-22 19:04 - 2021-08-22 19:24 - 367451843 _____ C:\Users\HP\Desktop\Koktejl 1988.HD.mkv.7533321638166030181.part
2021-08-22 18:44 - 2021-05-20 16:53 - 2110045046 _____ C:\Users\HP\Desktop\Zmizelá (2014) CZ.avi
2021-08-22 18:41 - 2021-08-22 19:24 - 800126627 _____ C:\Users\HP\Desktop\Nebezpečné myšlenky (1995).mkv.4611034866426855982.part
2021-08-22 18:41 - 2021-08-22 19:24 - 782754816 _____ C:\Users\HP\Desktop\Nebezpečné myšlenky (1996) CZ.avi.6965439478003130937.part
2021-08-22 18:38 - 2021-08-22 18:38 - 000000000 ____D C:\Users\HP\Desktop\Nová složka (2)
2021-08-22 18:24 - 2021-08-22 18:31 - 000000000 ____D C:\AdwCleaner
2021-08-20 17:28 - 2021-08-22 19:26 - 000000000 ____D C:\Users\HP\Desktop\Nová složka
2021-08-20 17:14 - 2021-08-22 19:26 - 000000000 ____D C:\FRST
2021-08-20 12:30 - 2021-08-20 12:30 - 000000000 ____D C:\Users\HP\Desktop\NA EXTERAK A FLASH
2021-08-19 21:10 - 2021-08-20 12:06 - 322699001 _____ C:\Users\HP\Desktop\Webinář Strategie využávající volatility na trzích podle Vaška Husníka (19.8.2021).mp4
2021-08-19 12:07 - 2021-08-19 12:07 - 000002112 _____ C:\Users\HP\Desktop\22-6-2021_SUPER_ENG – zástupce.lnk
2021-08-15 10:42 - 2021-08-15 10:47 - 829570027 _____ C:\Users\HP\Desktop\a Webinář Strategie na scalping DAXu podle Jardy Tupého (12.8.2021).mp4
2021-08-13 17:02 - 2021-08-13 17:02 - 111193198 _____ C:\Users\HP\Desktop\2019_02_25_SDIV_Trading.mp4
2021-08-11 20:34 - 2021-08-12 12:37 - 000000000 ____D C:\Users\HP\Desktop\AUTAŘI
2021-08-11 20:17 - 2021-08-11 20:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 20:17 - 2021-08-11 20:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 20:17 - 2021-08-11 20:17 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 20:17 - 2021-08-11 20:17 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 20:16 - 2021-08-11 20:16 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 20:16 - 2021-08-11 20:16 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 20:16 - 2021-08-11 20:16 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 20:12 - 2021-08-11 20:12 - 000000000 ___HD C:\$WinREAgent
2021-08-05 20:40 - 2021-08-05 20:40 - 000000000 ____D C:\Users\HP\Desktop\italie
2021-08-03 18:15 - 2021-08-20 12:29 - 000000000 ____D C:\Users\HP\Desktop\MOJE OBCHODY
2021-08-02 22:21 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-08-01 21:33 - 2021-08-01 21:33 - 000001365 _____ C:\Users\HP\Desktop\Mauritanec Denik z Guantanama (2021) 1080p CZ dabing – zástupce.lnk
2021-08-01 18:13 - 2021-08-01 19:46 - 000000000 ____D C:\Users\HP\AppData\Roaming\.minecraft
2021-08-01 18:13 - 2021-08-01 19:23 - 000000000 ____D C:\Users\HP\AppData\Roaming\.tlauncher
2021-08-01 18:13 - 2021-08-01 18:13 - 000001934 _____ C:\Users\Public\Desktop\TLauncher.lnk
2021-08-01 18:13 - 2021-08-01 18:13 - 000000000 ____D C:\Users\HP\AppData\Roaming\java
2021-08-01 18:13 - 2021-08-01 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2021-08-01 18:11 - 2021-08-01 18:11 - 019711840 _____ (TLauncher Inc.) C:\Users\HP\Desktop\TLauncher-2.8-Installer-0.8.exe
2021-07-30 09:02 - 2021-08-15 11:00 - 000000000 ____D C:\Users\HP\Desktop\Standa škola
2021-07-29 12:15 - 2021-07-29 12:15 - 013786860 _____ C:\Users\HP\Desktop\PT-ebook-strategie-all-cz.pdf
2021-07-28 18:09 - 2021-08-05 13:17 - 000001204 _____ C:\Users\HP\Desktop\SEZONOST TTW – zástupce.lnk
2021-07-27 13:29 - 2021-07-27 13:29 - 000001994 _____ C:\Users\HP\Desktop\A 0B6E90BE81EB288F3A77D23FA7D8075C – zástupce.lnk
2021-07-27 13:18 - 2021-07-27 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purple Trading MT4A
2021-07-27 13:18 - 2021-07-27 13:18 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4A
2021-07-25 00:25 - 2020-12-18 10:08 - 004154560 _____ C:\Users\HP\Desktop\HP PC.pdf
2021-07-23 17:06 - 2021-07-29 11:44 - 000000000 ____D C:\Users\HP\Desktop\GIF

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-22 19:27 - 2021-07-05 19:10 - 000000000 ____D C:\Program Files\CCleaner
2021-08-22 19:27 - 2021-07-05 14:21 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-22 19:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-22 19:25 - 2021-07-10 12:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-22 19:25 - 2021-04-05 18:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-22 19:25 - 2021-04-05 18:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-22 19:25 - 2020-12-15 18:21 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2021-08-22 19:25 - 2020-12-15 18:21 - 000000000 ____D C:\Intel
2021-08-22 19:25 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-22 18:54 - 2021-04-05 18:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-22 18:31 - 2021-03-17 15:16 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-08-22 18:31 - 2020-12-15 18:36 - 000000000 ____D C:\Users\HP\AppData\Roaming\Hewlett-Packard
2021-08-22 18:31 - 2020-12-15 18:36 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-08-22 18:31 - 2020-12-15 18:22 - 000000000 ____D C:\ProgramData\HP
2021-08-22 18:26 - 2021-04-05 18:58 - 001693656 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-22 18:26 - 2019-12-07 16:43 - 000716894 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-22 18:26 - 2019-12-07 16:43 - 000145072 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-22 18:26 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-22 18:24 - 2021-07-08 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-22 13:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-22 13:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-21 18:50 - 2021-03-17 15:33 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-20 19:11 - 2021-07-10 15:16 - 000000880 _____ C:\Users\HP\Desktop\AA XP – zástupce.lnk
2021-08-19 21:19 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-19 07:27 - 2021-07-05 14:22 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-17 18:41 - 2021-04-05 18:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-08-17 11:42 - 2020-12-15 18:13 - 000000000 ____D C:\Users\HP\AppData\Local\VirtualStore
2021-08-15 22:04 - 2021-04-05 18:56 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-15 22:04 - 2021-04-05 18:56 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-13 10:25 - 2021-07-05 16:43 - 000000000 ____D C:\Users\HP\AppData\Roaming\Telegram Desktop
2021-08-12 21:39 - 2020-12-15 18:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-12 08:38 - 2020-12-15 18:13 - 000000000 ____D C:\Users\HP\AppData\Local\ConnectedDevicesPlatform
2021-08-12 08:20 - 2020-12-15 18:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-12 08:19 - 2021-07-08 09:34 - 000000000 ____D C:\Quarantine
2021-08-12 08:14 - 2021-04-05 18:54 - 000476720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-12 08:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-12 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-12 08:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 20:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-11 19:52 - 2020-12-15 18:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-11 19:50 - 2020-12-15 18:30 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-10 17:55 - 2020-12-15 18:13 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2021-08-09 06:55 - 2021-04-05 18:56 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1259765519-2013090550-2787584750-1001
2021-08-09 06:55 - 2021-04-05 18:50 - 000002372 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:39 - 2021-07-10 15:44 - 000000954 _____ C:\Users\HP\Desktop\FOTO VYTŘÍDIT – zástupce.lnk
2021-08-05 20:35 - 2021-07-10 15:48 - 000000900 _____ C:\Users\HP\Desktop\karta 2 – zástupce.lnk
2021-08-05 18:42 - 2021-07-10 15:45 - 000000918 _____ C:\Users\HP\Desktop\foto 2021 – zástupce.lnk
2021-08-05 10:13 - 2021-07-05 16:45 - 000000000 ____D C:\Users\HP\Downloads\Telegram Desktop
2021-08-05 00:05 - 2021-07-08 09:34 - 000091400 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\MfeEpNfcp.sys
2021-08-04 20:03 - 2020-12-15 18:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-04 20:00 - 2021-07-05 14:21 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-04 20:00 - 2021-07-05 14:21 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-03 18:18 - 2021-07-10 16:00 - 000001015 _____ C:\Users\HP\Desktop\Standa – zástupce.lnk
2021-08-03 18:18 - 2021-07-10 15:38 - 000000878 _____ C:\Users\HP\Desktop\BURZY – zástupce.lnk
2021-08-02 18:44 - 2021-07-10 14:04 - 000000756 _____ C:\Users\HP\Desktop\PLOCHA C.lnk
2021-08-01 18:14 - 2021-03-17 16:22 - 000000000 ____D C:\Users\HP\AppData\Local\D3DSCache
2021-07-30 15:51 - 2021-07-05 16:53 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-27 13:30 - 2021-07-10 12:56 - 000000000 ____D C:\Users\HP\Desktop\AAA DOKUMENTY
2021-07-27 13:21 - 2021-07-05 17:02 - 000000000 ___RD C:\Users\HP\Desktop\NÁSTROJE
2021-07-27 13:18 - 2021-07-05 19:35 - 000000000 ____D C:\Users\HP\AppData\Roaming\MetaQuotes
2021-07-27 08:49 - 2021-07-10 16:32 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by HP (22-08-2021 19:29:03)
Running from C:\Users\HP\Desktop\Nová složka
Windows 10 Pro Version 21H1 19043.1165 (X64) (2021-04-05 16:57:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1259765519-2013090550-2787584750-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1259765519-2013090550-2787584750-503 - Limited - Disabled)
Guest (S-1-5-21-1259765519-2013090550-2787584750-501 - Limited - Disabled)
HP (S-1-5-21-1259765519-2013090550-2787584750-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1259765519-2013090550-2787584750-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Endpoint Security (Enabled - Up to date) {A37DD4B2-BDFF-70DA-DE19-9F9927D6940F}
FW: McAfee Endpoint Security (Enabled) {9B465597-F790-7182-F546-36ACD905D374}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{560E7B2D-43A3-4A2C-B578-44525724B639}) (Version: 4.16.4.4300 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{6919d361-5a00-4c44-a3be-f5033ff85337}) (Version: 4.16.4.4300 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
Apowersoft Video Stahovač V6.4.7 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.7 - APOWERSOFT LIMITED)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
McAfee Agent (HKLM\...\{F01CC7C9-9545-494A-9A8E-F52037F8BE8E}) (Version: 5.6.1.308 - McAfee, Inc.) Hidden
McAfee Agent (HKLM-x32\...\McAfeeAgent) (Version: 5.6.1.308 - McAfee, Inc.)
McAfee Data Exchange Layer for MA (HKLM\...\{FEE8AD9B-C4D7-4F07-89AC-88C28E2B8809}) (Version: 5.0.10249.0 - McAfee LLC) Hidden
McAfee Data Exchange Layer for MA (HKLM-x32\...\{a3f1e826-e1b0-460f-8113-6624beacab1b}) (Version: 5.0.1.249 - McAfee LLC) Hidden
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{377DA1C7-79DE-4102-8DB7-5C2296A3E960}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Firewall (HKLM\...\{6F88C6E9-CAD0-4D03-99E1-161383F9AD6F}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Platform (HKLM\...\{B16DE18D-4D5D-45F8-92BD-8DC17225AFD8}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{820D7600-089E-486B-860F-279B8119A893}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Web Control (HKLM\...\{5974413A-8D95-4D64-B9EE-40DF28186445}) (Version: 10.7.0 - McAfee, LLC.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Ltd.)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4A) (Version: 4.00 - MetaQuotes Ltd.)
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 2.9.2 (HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.9.2 - Telegram FZ-LLC)
TLauncher (HKLM-x32\...\TLauncher2.8) (Version: 2.8 - TLauncher Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
Zoom (HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)

Packages:
=========
Audio Controls -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.AudioControls_1.3.97.0_x64__qt57b6kdvhcfw [2020-12-15] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.583.0_x64__v10z8vjag6ke6 [2021-08-17] (HP Inc.)
McAfee Endpoint Security Web Control -> C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2021-07-08] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-07] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-08] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-21] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-07-21 20:48 - 2021-07-21 20:48 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-07-06 13:08 - 2010-09-26 20:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2021-07-06 13:08 - 2010-09-28 12:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2021-07-06 13:08 - 2010-06-21 15:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2021-07-06 13:08 - 2010-09-28 13:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2021-07-06 13:08 - 2010-06-21 15:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2021-07-06 13:08 - 2010-06-10 15:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2021-07-06 13:08 - 2010-05-18 17:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM-x32 - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "IMMON"
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1259765519-2013090550-2787584750-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{EA531C22-5075-4FA8-8FCB-237A6921AC2A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F5E713D6-67AD-4EE0-80BA-1DCD5A283A98}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [{CB976A41-BBB7-4AAE-A372-C7E3BCD7549D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{76891230-6DD7-46C6-86CB-35E274CA52E1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{FC6E8F25-FE40-4F58-AE25-50EB2C679ED6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{D7FD6108-CCEF-4A15-A060-838E4D2D76C8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{3973047C-6555-49B5-A26E-EA5862F24F25}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B19A00FD-6936-481E-9B1D-1335161C82BD}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{423FD33E-3D55-4D87-A164-785390F0716B}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{BE5E63E0-2AB4-4F20-97B0-60E6C6D9331B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{B86F36E8-86C3-4C26-A9AE-AEB5ACD80FC2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [{FAB2E1B4-0B8F-4C68-B20D-C0DE3615B73A}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{8195DA2D-AD9D-4950-ABA4-5D0E6A5CC99E}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{AF8BC8C7-D886-4315-8A1F-B2BB47E2B682}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{CCFF77A0-78F2-46D7-BAB0-9DB3144653F1}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{67300863-E246-407D-8DC4-5548CBDB1E43}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{E801902F-F82A-4D35-A059-4262424DD5F8}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{FB55E9A4-59A7-4DB5-AD64-A6C0B65C28BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77400F50-F131-4E9B-98B4-B861511289CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{948905F4-5204-48E1-ABA5-1FCFF82E701E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CCA5F8E-02CB-4D97-80FD-A3716C2C020A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A47BDE2E-C256-47F4-9A22-B939AB927F35}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-08-2021 09:04:22 Naplánovaný kontrolní bod
11-08-2021 19:52:15 Instalační služba modulů systému Windows
11-08-2021 20:12:26 Instalační služba modulů systému Windows
11-08-2021 20:12:49 Instalační služba modulů systému Windows
22-08-2021 18:30:53 AdwCleaner_BeforeCleaning_22/08/2021_18:30:52

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/22/2021 06:52:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:52:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:52:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:52:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:52:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\0, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:52:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:38:40 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\0, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (08/22/2021 06:38:39 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.


System errors:
=============
Error: (08/22/2021 06:31:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/22/2021 06:31:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CxUIUSvc Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/22/2021 06:31:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/22/2021 06:31:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/22/2021 06:31:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CxAudioSvc Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/22/2021 06:31:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (08/22/2021 06:31:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/22/2021 06:31:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-08-19 16:07:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_F:\rcsetup153.exe; file:_F:\rcsetup153.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
Verze bezpečnostních informací: AV: 1.347.24.0, AS: 1.347.24.0, NIS: 1.347.24.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-12 21:50:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9A33D1C3-E9C8-4AD2-B4DB-50C7D5D42D9B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-08 09:17:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.343.601.0, AS: 1.343.601.0, NIS: 1.343.601.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-08 09:17:37
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\AutoKMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.343.601.0, AS: 1.343.601.0, NIS: 1.343.601.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-08 09:17:36
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMSEmulator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\AutoKMS.exe
Verze bezpečnostních informací: AV: 1.343.601.0, AS: 1.343.601.0, NIS: 1.343.601.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-05 14:30:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2021-07-05 14:29:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.272.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

CodeIntegrity:
===============
Date: 2021-08-22 19:28:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-22 19:27:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Windows signing level requirements.

Date: 2021-08-22 19:27:49
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\amcfg.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: HP R01 Ver. 02.09.00 04/15/2021
Motherboard: HP 8591
Processor: Intel(R) Core(TM) i7-9700 CPU @ 3.00GHz
Percentage of memory in use: 12%
Total physical RAM: 32542.29 MB
Available physical RAM: 28448.32 MB
Total Virtual: 37406.29 MB
Available Virtual: 31799.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.24 GB) (Free:498.82 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:324.42 GB) NTFS

\\?\Volume{a5d7af93-f056-4206-aa41-e825abf07910}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b439ff86-770c-486c-a989-8a1f3b93c28e}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

I also wanted to ask: the software I put into quarantine, that was original from Hewlett-Packard? Shouldn't I restore it?

Thanks, Milan

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {6E587A5E-491D-4123-A852-78024F03C76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {D87D2CA1-A433-4869-B0F3-B128006B1481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [TCP Query User{EA531C22-5075-4FA8-8FCB-237A6921AC2A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F5E713D6-67AD-4EE0-80BA-1DCD5A283A98}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [{B19A00FD-6936-481E-9B1D-1335161C82BD}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{423FD33E-3D55-4D87-A164-785390F0716B}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{BE5E63E0-2AB4-4F20-97B0-60E6C6D9331B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{B86F36E8-86C3-4C26-A9AE-AEB5ACD80FC2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
C:\Windows\AutoKMS.exe
C:\Windows\KMSEmulator.exe

EmptyTemp:
End
Save it to C:\Users\HP\Desktop\Nová složka as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#9 Post by bonapart »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by HP (22-08-2021 21:07:03) Run:1
Running from C:\Users\HP\Desktop\Nová složka
Loaded Profiles: HP
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {6E587A5E-491D-4123-A852-78024F03C76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {D87D2CA1-A433-4869-B0F3-B128006B1481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [TCP Query User{EA531C22-5075-4FA8-8FCB-237A6921AC2A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F5E713D6-67AD-4EE0-80BA-1DCD5A283A98}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe => No File
FirewallRules: [{B19A00FD-6936-481E-9B1D-1335161C82BD}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{423FD33E-3D55-4D87-A164-785390F0716B}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{BE5E63E0-2AB4-4F20-97B0-60E6C6D9331B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{B86F36E8-86C3-4C26-A9AE-AEB5ACD80FC2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
C:\Windows\AutoKMS.exe
C:\Windows\KMSEmulator.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E587A5E-491D-4123-A852-78024F03C76A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E587A5E-491D-4123-A852-78024F03C76A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D87D2CA1-A433-4869-B0F3-B128006B1481}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87D2CA1-A433-4869-B0F3-B128006B1481}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EA531C22-5075-4FA8-8FCB-237A6921AC2A}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F5E713D6-67AD-4EE0-80BA-1DCD5A283A98}C:\program files (x86)\java\jre1.8.0_291\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B19A00FD-6936-481E-9B1D-1335161C82BD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{423FD33E-3D55-4D87-A164-785390F0716B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BE5E63E0-2AB4-4F20-97B0-60E6C6D9331B}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B86F36E8-86C3-4C26-A9AE-AEB5ACD80FC2}C:\windows\kmsemulator.exe" => removed successfully
"C:\Windows\AutoKMS.exe" => not found
"C:\Windows\KMSEmulator.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 829610476 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 642680 B
Edge => 182797 B
Chrome => 722823987 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 113546 B
NetworkService => 6484640 B
HP => 47198460 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-08-2021 21:08:29)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:08:29 ====

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Deleted. Is everything OK now?

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#11 Post by bonapart »

Thank you, it looks OK now. I just wanted to ask about the preinstalled HP software that I put into quarantine with AdwCleaner.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#12 Post by Rudy »

Those are HP's vendor utilities. If you don't use them, no harm done; the system has to work without them. Otherwise, they can be downloaded from the HP website.

bonapart
Visitor
Posts: 87
Registered: 27 Sep 2008 20:43

Re: Please check my log

#13 Post by bonapart »

OK, thank you for the help. What variable symbol should I enter when supporting the forum?
