Dobrý den,
prosím o preventivní kontrolu.
Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-06-2022 01
Ran by Petr (administrator) on DESKTOP-GC5ULMC (MSI MS-7623) (05-06-2022 09:43:34)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (VIA) [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (VIA Technologies, Inc -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [208152 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2015-12-30] (VIA) [File not signed]
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2015-12-30] (VIA) [File not signed]
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-05-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-10-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [EpicGamesLauncher] => D:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33309664 2021-08-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG2200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB6.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2200 series: C:\WINDOWS\system32\CNMLMB6.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A3D0334-8FC7-4C11-A864-95AF05997E7C} - System32\Tasks\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {0B01EED6-BE7C-4335-9228-0E13F3DF082D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {10C8197A-0DEF-4D36-B851-0973B3AB8E1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {16F0B771-EFCA-4368-AFD4-D55FBD66FD64} - System32\Tasks\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {1CBDEDA7-0DE4-4EB3-AEC6-957A85FD71B6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AD71896-156E-4BF3-8013-6D4C1BFA9F8A} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3884E5E0-5B93-4423-818C-4E92B9F83005} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [965552 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A64EFB2-4358-4A09-89BE-06D990A98BA6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D4C33B0-004F-48D1-A88F-C707F594CD0E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
Task: {6DE9CFBA-25E9-45AA-BCA5-8F43B3B857C7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F65F016-E6F8-4841-B2AE-172B604B68BE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB0884CA-C7EC-4665-90DE-1D913D7379B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {D7F9632E-9A68-416D-8F8A-1A4E81638111} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {F510D921-6576-49D6-85A9-A4753E5C631C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 85.132.179.206 188.75.176.2
Tcpip\..\Interfaces\{fb5d3104-e36a-4208-9b45-522c6468f566}: [DhcpNameServer] 85.132.179.206 188.75.176.2
Edge:
=======
DownloadDir: C:\Users\Petr\Desktop
Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-05]
Edge DownloadDir: Default -> C:\Users\Petr\Desktop
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR DownloadDir: C:\Users\Petr\Desktop
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-07]
CHR Extension: (Just Black) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-10-07]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-07]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-07]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-01-19]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-11]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8507016 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563024 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1968976 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563024 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-07-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812008 2021-08-28] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254856 2022-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10112672 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [33240 2015-12-09] (VIA Technologies, Inc -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-09-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-09-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [381616 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255144 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102568 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [44568 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271592 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548976 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [558768 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215936 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317832 2022-05-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8232160 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-05 09:43 - 2022-06-05 09:45 - 000021547 _____ C:\Users\Petr\Desktop\FRST.txt
2022-06-05 09:41 - 2022-06-05 09:44 - 000000000 ____D C:\FRST
2022-06-05 09:40 - 2022-06-05 09:40 - 002368000 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2022-05-23 18:38 - 2022-05-23 18:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Nero
2022-05-23 18:30 - 2022-05-23 18:30 - 000004767 _____ C:\WINDOWS\Irremote.ini
2022-05-23 18:24 - 2022-05-23 18:29 - 000000000 ____D C:\Program Files (x86)\Nero
2022-05-23 18:24 - 2022-05-23 18:25 - 000000000 ____D C:\ProgramData\Nero
2022-05-18 20:24 - 2022-05-18 20:23 - 000287056 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-05-18 20:24 - 2022-05-18 20:23 - 000218088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa85b85aedbd7cb71.tmp
2022-05-12 07:56 - 2022-05-12 07:56 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-12 07:37 - 2022-05-12 07:37 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-05 09:43 - 2020-10-07 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-05 09:40 - 2020-09-29 21:05 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-05 09:28 - 2020-04-03 14:22 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-05 09:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-05 09:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-05 09:26 - 2020-10-12 20:07 - 000000000 ____D C:\Program Files\CCleaner
2022-06-05 09:25 - 2020-10-08 10:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B620A067-F333-4478-A6CC-B1B86B683051}
2022-06-04 23:13 - 2020-09-29 19:38 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-04 23:12 - 2020-09-29 19:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-04 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-04 10:16 - 2020-10-16 15:45 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2022-06-02 18:49 - 2021-12-13 15:50 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3289169553-1937731841-1937761989-1001
2022-06-02 18:49 - 2020-09-29 20:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3289169553-1937731841-1937761989-1001
2022-06-02 18:49 - 2020-09-29 19:51 - 000002378 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-02 17:45 - 2020-09-29 20:17 - 000000000 ____D C:\ProgramData\Packages
2022-06-01 21:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-01 16:07 - 2020-10-07 15:34 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-31 17:24 - 2020-09-29 21:03 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-05-30 15:40 - 2020-09-30 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-24 20:50 - 2020-10-12 20:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-05-23 18:29 - 2018-09-06 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2022-05-18 20:24 - 2020-09-29 21:02 - 000381616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-05-18 20:24 - 2020-09-29 21:02 - 000317832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-05-18 20:24 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-18 20:23 - 2021-07-15 15:50 - 000548976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-05-18 20:23 - 2020-10-23 10:38 - 000271592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000857488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000558768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000255144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000232648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000111056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000102568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000086120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-05-18 20:23 - 2020-09-29 21:02 - 000044568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-05-14 21:58 - 2020-09-29 19:51 - 000000000 ____D C:\Users\Petr
2022-05-14 08:17 - 2020-09-29 20:02 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-14 08:17 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-05-14 08:17 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-05-14 08:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-14 08:12 - 2021-03-20 15:05 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-05-14 08:10 - 2020-09-29 21:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-05-14 08:09 - 2020-09-29 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-14 08:09 - 2020-06-25 20:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-12 08:06 - 2020-09-29 21:01 - 000000000 ____D C:\ProgramData\Avast Software
2022-05-12 08:06 - 2020-09-29 19:29 - 000440424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-12 08:04 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-12 08:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-12 08:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-12 08:03 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-12 08:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-11 07:38 - 2020-09-29 20:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 07:31 - 2020-09-29 20:41 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2021-12-15 16:16 - 2021-12-15 16:16 - 000007604 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-06-2022 01
Ran by Petr (05-06-2022 09:46:22)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1706 (X64) (2020-09-29 18:12:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3289169553-1937731841-1937761989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3289169553-1937731841-1937761989-503 - Limited - Disabled)
Guest (S-1-5-21-3289169553-1937731841-1937761989-501 - Limited - Disabled)
Petr (S-1-5-21-3289169553-1937731841-1937761989-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3289169553-1937731841-1937761989-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.4.6011 - Avast Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
Discord (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Discord) (Version: 0.0.310 - Discord Inc.)
DolbyFiles (HKLM-x32\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 2.0 - Nero AG) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Menu Templates - Starter Kit (HKLM-x32\...\{b78120a0-cf84-4366-a393-4d0a59bc546c}) (Version: 9.4.2.0 - Nero AG) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Movie Templates - Starter Kit (HKLM-x32\...\{e498385e-1c51-459a-b45f-1721e37aa1a0}) (Version: 9.4.2.0 - Nero AG) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
SoundTrax (HKLM-x32\...\{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}) (Version: 4.4.23.0 - Nero AG) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
VALORANT (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VariCAD Viewer 2021-1.02 CZ (HKLM\...\VariCADViewer_CZ) (Version: 2021-1.02 - VariCAD s.r.o)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\WhatsApp) (Version: 2.2142.12 - WhatsApp)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-20] (Microsoft Studios) [MS Ad]
Notification Sounds and Ringtones -> C:\Program Files\WindowsApps\19289Softmate.NotificationSoundsandRingtones_1.1.0.0_x86__8yx9mxpjpzscw [2021-12-25] (Softmate) [MS Ad]
Office -> C:\Program Files\WindowsApps\www.office.com-6A424043_1.0.0.3_neutral__hhrgrbe39qw14 [2021-09-26] (www.office.com)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0 [2022-05-31] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-05-08] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
==================== Loaded Modules (Whitelisted) =============
2020-10-08 09:31 - 2022-03-04 04:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-10-08 09:31 - 2021-11-17 13:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-10-08 09:31 - 2021-11-17 13:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-10-08 09:31 - 2022-03-04 04:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\sharepoint.com -> hxxps://kbagrafitec-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\Wallpaper -> d:\petr\ovladače\img9.jpg
DNS Servers: 85.132.179.206 - 188.75.176.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C6D8BEF9-309F-475D-84EF-413F0B6F8BDA}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{55B8EBE7-EDA7-4FB3-BC13-E19B09F8FC82}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1E948168-8F27-4E81-A98A-1290AF1E15AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DB0FA376-32F5-4B6F-9081-0CE30AB85535}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{22B9B73B-FC0B-4B6B-A75D-46D71E3B73BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEE1AE6D-2412-4BFB-94E9-23DD2D4B5E71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11E44AF9-E017-49BE-89BC-2B8A202D22B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [{758E3867-2B1E-4723-BD07-CAE59ED879C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [TCP Query User{01F3E7DD-ADB6-41E9-AFEA-6AD1BF728E3E}D:\denisa\hry\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{DEEC8326-290E-4B89-884B-7A71B856A8B6}D:\denisa\hry\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{0249CFDA-68B9-4D01-A4CB-6790486408FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RCCars\RCCars.exe (Computer Graphics Studio CREAT) [File not signed]
FirewallRules: [{F13F5722-9895-445D-A150-04CD78B6D9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RCCars\RCCars.exe (Computer Graphics Studio CREAT) [File not signed]
FirewallRules: [TCP Query User{D11F8981-B382-4191-B7D1-0BB777A9828D}D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E937AA7A-0E56-46D1-9F6E-2F98ED848B27}D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{A53295C4-4919-4CB1-8671-1E9DE6D39B12}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [UDP Query User{DDDFE386-26CE-48AA-9CEF-4E334EFD22C3}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [TCP Query User{43B4CAAC-1EBD-4F9B-8263-C60C33FE7D0A}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{29B89ED9-89B9-42CB-896E-E507BE8A3BAC}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35CE8502-F883-4BEB-BF0C-C6D74CBB6218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{3AF0E729-AE1E-4D0D-A38F-4098A1BF7B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0044A0A8-320C-42F4-85C0-D511349F6338}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{69AEDED4-8D96-4C15-A08D-0503A67C73EB}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{42358730-F39B-408B-AA7C-571C4866AB81}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{799FBB0B-83CA-43C4-89A5-56F2F1B62B97}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{584A3A8D-2336-4527-96F8-9126DA631B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0E2D55EB-F872-45FE-B976-89B3649D9A97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{B181658D-EC43-40AA-81A7-E9F050250102}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E03DA6CE-CA82-407C-A756-739CFD7EEFCD}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{1333CC64-1A5B-4DE2-A5DD-810E6AE5E656}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F951A4FD-9654-4F4C-B216-608A46C55D58}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5883C4D8-D3C8-483C-98D9-779D081B5046}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{CFEC17B5-C23E-41BC-9CA9-604BB02F65EB}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5F2AD8CC-2351-4518-917E-A0CBF96E0F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{C1ACAB60-0CC1-4284-A9C2-C039AC1F7E84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{DCC1417A-831A-4DD9-8B20-EFC93142E873}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{64EFAD74-6D26-4B27-BA74-51A3EF8FE238}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{2E46AC9C-C6A9-46AE-B2BD-4B5C85E79940}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3AF386C9-E024-4143-A83F-6E5F88F30165}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{006F1885-CA17-48AC-BF96-9309E09D3637}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8BAFF23E-024A-430C-B363-8DC6C4157A31}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F2B32326-2463-458E-B466-EBBC5BFE4A08}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{6AAC2B51-3F9E-4889-9054-0C49B92D56B9}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{128EB5B3-B613-4A62-AFFE-2D36A3F5C13D}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{FDA535C5-44E4-4D4B-B01D-3FBA2975D20D}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5D875870-344E-48DA-946F-E28219254D8A}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{FF32FEBD-A83D-4C59-8E41-E726F4DA67A5}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{DEFBD468-44DE-4BFF-9212-1BD47839B2F0}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{B0C62873-3930-4F4B-9CE2-8FD59A161C9C}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F1C19538-C4D0-435E-86B0-194C712F3FFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CAB40BB0-051C-4897-B44E-9F2989EC918C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{050CC43E-F881-436D-9698-6B6962F5AC6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8829504B-4A73-4256-A6A9-CC00C50779DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{4BD786FA-9697-4919-8005-E4653746691F}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{2C8CEC85-E61D-4C19-BB57-F322FACB93EC}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{852DE8D9-D2B7-4E48-AC09-F7371207F662}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe () [File not signed]
FirewallRules: [{1E50F65D-310A-4DF3-8678-F75C42A8252F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe () [File not signed]
FirewallRules: [{427912AB-AEC7-480E-BB45-418E12C86739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{B037B7FB-F221-43A4-A72D-A24A4BF67D71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{51227456-FC3B-4A9B-B01F-A05C2236CA78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{7524EA37-4E0A-4972-870B-18BCC1902120}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{683ED1C0-47EA-4868-A3A3-16A993F31467}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E6E16EC2-8784-4589-B8F5-E1BDEB4AF747}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6A24A927-C1E9-4DD9-9FC8-827AEBB8C45C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D0E0C4F-E951-4C12-82BA-989E62A26897}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CF365955-7DA1-4319-88CE-CB6634ABEFD3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F7A8D596-7BB0-4E70-828F-947102822D28}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CCC9B929-A02B-41BB-A3FF-B84839C0468A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DF169C49-8F8F-4D51-AC36-FB78C06E0B1F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3EE0D2AD-A620-4987-8ADA-201540805824}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{559C2DE4-024F-4791-97E3-398F312984E9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BC963A15-F77B-4906-AB16-E77B004F6D55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19E85EA4-7650-4F8A-BB2C-D8786A0CEF4E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F07D6E8-9CB6-45CC-85CD-F8815DB7AD5C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83ED7CB5-92C2-4571-B782-191F0E791F60}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{138E1856-D32C-41C8-A22F-3FE0B10549C2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6D8D18A1-BBFC-4020-A5F9-2F2A5A952F9C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{22400A04-D63D-4433-A3B0-CF0EBED8FFED}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{66C5B4D5-B9F9-49E6-8E4D-B3CEAFD3A647}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8BE438D-AB50-4CBE-8E7D-452B15ED4896}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{34BF4F4E-CC8D-4E19-8E97-784CD513D141}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4E623EE2-0346-4D3F-9922-D510B8D01134}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9047AB40-FC14-4588-A025-1A781133EC5D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C26DEE3-2A68-4055-8C9F-93041CDF363A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6831A7B6-264B-402E-85D4-429D228E1EBF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46832717-D8BB-4FE0-AAB1-05DA07F74974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92E15890-5DCA-48FB-95C8-7ABB5F8EAB3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D80BF364-5B47-4C40-912D-6294D75C8A7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F0E03EF-CBB8-4B3C-8662-564946493A2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2D85418-DE84-4D84-9B0E-ED13CDD7F6BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F457CEE9-AC69-4D51-8238-5F4AD0FDFA88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7F7BAD9-FCD6-43AD-B2B0-B1452DAA1BA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5AA4F2FB-F87B-415B-A068-954C6C24EDC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{47FF2F7C-9679-4BB4-A840-7BA519255039}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5617941C-CA5F-419B-A9BD-CCCF1050D356}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2F5A0E98-D081-4085-95D2-FC997997E120}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
21-05-2022 09:15:16 Naplánovaný kontrolní bod
31-05-2022 20:23:26 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/04/2022 10:16:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MOE.exe, verze: 0.0.0.0, časové razítko: 0x628353db
Název chybujícího modulu: nvwgf2um.dll, verze: 23.21.13.9135, časové razítko: 0x5ab58a0a
Kód výjimky: 0xc0000005
Posun chyby: 0x00d431fc
ID chybujícího procesu: 0x2470
Čas spuštění chybující aplikace: 0x01d877eb25585025
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvwgf2um.dll
ID zprávy: 856cf7ab-4a70-4c6c-ac5f-0245b4908c49
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/02/2022 09:29:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/02/2022 09:11:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/02/2022 09:11:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Uložiště (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/01/2022 06:42:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MOE.exe, verze: 0.0.0.0, časové razítko: 0x628353db
Název chybujícího modulu: nvwgf2um.dll, verze: 23.21.13.9135, časové razítko: 0x5ab58a0a
Kód výjimky: 0xc0000005
Posun chyby: 0x00d431fc
ID chybujícího procesu: 0x3ad0
Čas spuštění chybující aplikace: 0x01d875d68bce83cc
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvwgf2um.dll
ID zprávy: 2e21af44-636a-448e-83c5-d37801fcc378
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/27/2022 07:59:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Error: (05/27/2022 07:36:07 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (05/27/2022 07:27:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (06/03/2022 10:32:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/03/2022 10:23:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/03/2022 10:13:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/02/2022 05:46:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (06/02/2022 05:38:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).
Error: (06/01/2022 09:28:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/01/2022 09:28:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/01/2022 09:28:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2022-05-18 20:24:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-05-18 16:18:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.3 11/15/2010
Motherboard: MSI 760GM-P33 (MS-7623)
Processor: AMD Phenom(tm) II X6 1055T Processor
Percentage of memory in use: 50%
Total physical RAM: 8191.18 MB
Available physical RAM: 4025.23 MB
Total Virtual: 9471.18 MB
Available Virtual: 4686.08 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.47 GB) (Free:704.09 GB) (Model: ST1000DM003-1SB10C ATA Device) NTFS
Drive d: (Uložiště) (Fixed) (Total:1863.01 GB) (Free:759.86 GB) (Model: ST2000DM001-1ER164 ATA Device) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{9b0c9b0c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{9b0c9b0c-0000-0000-0000-90c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F8F2D247)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9B0C9B0C)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=513 MB) - (Type=27)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prevence
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
Zdravím!
Předem se omlouvám, nějak jste mi unikl. Otevřte poznámkový blok a zkopírujte do něj:
Předem se omlouvám, nějak jste mi unikl. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0A3D0334-8FC7-4C11-A864-95AF05997E7C} - System32\Tasks\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {16F0B771-EFCA-4368-AFD4-D55FBD66FD64} - System32\Tasks\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {BB0884CA-C7EC-4665-90DE-1D913D7379B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
C:\WINDOWS\system32\Drivers\aswa85b85aedbd7cb71.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prevence
Dobrý den Rudy,
nic se nestalo
Jen mi nepřišlo upozornění že jste mi odpověděl, a upozornění na email mám zapnuté.
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-06-2022
Ran by Petr (14-06-2022 20:44:25) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0A3D0334-8FC7-4C11-A864-95AF05997E7C} - System32\Tasks\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {16F0B771-EFCA-4368-AFD4-D55FBD66FD64} - System32\Tasks\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {BB0884CA-C7EC-4665-90DE-1D913D7379B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
C:\WINDOWS\system32\Drivers\aswa85b85aedbd7cb71.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Synchronizer" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A3D0334-8FC7-4C11-A864-95AF05997E7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A3D0334-8FC7-4C11-A864-95AF05997E7C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16F0B771-EFCA-4368-AFD4-D55FBD66FD64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16F0B771-EFCA-4368-AFD4-D55FBD66FD64}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB0884CA-C7EC-4665-90DE-1D913D7379B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB0884CA-C7EC-4665-90DE-1D913D7379B4}" => removed successfully
C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" => removed successfully
"C:\WINDOWS\system32\Drivers\aswa85b85aedbd7cb71.tmp" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51870888 B
Java, Discord, Steam htmlcache => 405437531 B
Windows/system/drivers => 6836887 B
Edge => 0 B
Chrome => 163840 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr => 12534535 B
RecycleBin => 11766207069 B
EmptyTemp: => 11.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:44:54 ====
nic se nestalo
Jen mi nepřišlo upozornění že jste mi odpověděl, a upozornění na email mám zapnuté.
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-06-2022
Ran by Petr (14-06-2022 20:44:25) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0A3D0334-8FC7-4C11-A864-95AF05997E7C} - System32\Tasks\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {16F0B771-EFCA-4368-AFD4-D55FBD66FD64} - System32\Tasks\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {BB0884CA-C7EC-4665-90DE-1D913D7379B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
C:\WINDOWS\system32\Drivers\aswa85b85aedbd7cb71.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Synchronizer" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A3D0334-8FC7-4C11-A864-95AF05997E7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A3D0334-8FC7-4C11-A864-95AF05997E7C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{C8A51799-BA7F-4974-AE6E-237B2CDBFC60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16F0B771-EFCA-4368-AFD4-D55FBD66FD64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16F0B771-EFCA-4368-AFD4-D55FBD66FD64}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{C9BF2EDB-B9A9-4B83-836C-EC3E113D0CB3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB0884CA-C7EC-4665-90DE-1D913D7379B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB0884CA-C7EC-4665-90DE-1D913D7379B4}" => removed successfully
C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" => removed successfully
"C:\WINDOWS\system32\Drivers\aswa85b85aedbd7cb71.tmp" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51870888 B
Java, Discord, Steam htmlcache => 405437531 B
Windows/system/drivers => 6836887 B
Edge => 0 B
Chrome => 163840 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr => 12534535 B
RecycleBin => 11766207069 B
EmptyTemp: => 11.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:44:54 ====
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
Bylo smazámo, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prevence
Děkuji za pomoc 
Prosím jak se jmenuje aplikace co smaže všechno po čištění?
Prosím jak se jmenuje aplikace co smaže všechno po čištění?
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
T-Cleaner. Nevím ale, jestli úplně vše a na všech systémech. To platilo u XP: http://tharifas.sweb.cz/T-Cleaner.exe .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prevence
Dobrý den Rudy,
měl jsem na mysli DelFix vzpoměl jsem si. Dost jste ho tady používali.
Děkuji a přeji příjemný zbytek dne.
měl jsem na mysli DelFix vzpoměl jsem si. Dost jste ho tady používali.
Děkuji a přeji příjemný zbytek dne.
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
OK. DelFix: https://www.stahuj.cz/utility_a_ostatni ... id/delfix/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?