Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by Petr (administrator) on TEPAN (04-05-2022 09:49:05)
Running from D:\Downloads
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\atieclxx.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <39>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(services.exe ->) () [File not signed] C:\Program Files\Allway Sync\Bin\SyncService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1613_none_7df538047ca074bb\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630552 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547040 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --do-not-de-elevate --flag-switches-begin --flag-switches-end --e (the data entry has 134 more characters). [3547040 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2020-09-30]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A48237D-5E77-4636-AD1B-5AC395A5068F} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1118200 2022-03-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1A759FE2-A1B5-4FE2-811D-AC9C39981464} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DDF55E8-F84E-4572-8628-BCFA063554C1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {200EA518-84E9-47D8-B1FE-5E295CF986A5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {30491167-089B-4CAA-95F2-4AE4C415F706} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53AB23AC-8EEC-4957-B2C6-6922771EE91E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {5DA70AA1-F3E1-40E1-A3A2-B3A0D0604AAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-25] (Google LLC -> Google LLC)
Task: {71E9041C-2F8B-467F-97EB-2E3C65F64244} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {8175F048-B512-4171-B833-01861426B0B0} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {88DACFAE-AEEF-4E4F-B4FA-F9AB2F937CAD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4148571483-3592684963-3718319802-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {91F34A0A-249B-4C20-BCCB-ABEC18A46B47} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {962E83BF-4C15-4A32-8DB1-EF3889607677} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2AA7524-DF4A-4357-BE67-57B1A0BDE138} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B1E9BC96-ABED-4210-8BD5-D0560BB86D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-25] (Google LLC -> Google LLC)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {C56A57EE-B4C6-4BB3-82B9-1D4976DAF94F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C963CFBE-B837-47C4-81AF-7F4F12C2328C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2022-03-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CB5A6DB2-555E-474A-843A-C3E4FFE6FE77} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D4768DA9-04A9-4DE4-BAC1-B5B89D6A2156} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Petr\OneDrive\Plocha\AdwCleaner.exe [8199856 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
Task: {D8FEDA38-705C-455A-AB93-A2C78643649F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9C975BD-456B-40B0-90CE-5F42AA83DAC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA8A9E30-A9D1-40F6-9EBC-4E8B5F162E5F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-03-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION
Task: {EFFF7856-1392-4C35-9D26-4949052E44CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4857843-CF0C-4823-8375-4FA58F81EB4B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F6265E46-199F-4B6B-B9FD-DA3020321E8D} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-03-09] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F6CE90AF-CC8B-4A19-A317-AF7789E78BBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {FE8EEC74-DEBB-4BEC-8838-E046782EA8F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{9fddadb7-d77f-4285-9596-3a6f1ddef74d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Edge:
=======
DownloadDir: D:\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxps://www.tipsport.cz; hxxps://www.facebook.com; hxxps://cpyskidrow.com; hxxps://ouo.press; hxxps://www1a.ramirocampos.pro; hxxps://www1a.debrahinton.pro; hxxps://www.file-up.org; hxxps://www1a.sherwoodsutton.pro; hxxps://www1a.bethanyharrell.pro; hxxps://www2a.debrahinton.pro
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-04]
Edge DownloadDir: Default -> D:\Downloads
Edge Notifications: Default -> hxxps://cz.bongacams.com; hxxps://nahehvezdy.cz; hxxps://wp.aliexpress.com; hxxps://www.aliexpress.com; hxxps://www.chatzone.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-04-07]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-05-02]
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-24]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-24]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-03-22]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [264192 2020-04-07] () [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncHelper.exe [3395992 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.065.0412.0004\OneDriveUpdaterService.exe [3868568 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2022-03-08] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\amdkmdag.sys [90159536 2022-03-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-27 16:50 - 2022-04-27 18:35 - 000000000 ____D C:\Users\Petr\OneDrive\Dokumenty\The Witcher 3
2022-04-27 16:44 - 2022-04-27 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2022-04-27 16:36 - 2022-04-27 16:37 - 000000000 ____D C:\Instalovane hry
2022-04-22 21:36 - 2022-04-22 21:36 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-22 21:36 - 2022-04-22 21:36 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-13 23:14 - 2022-04-13 23:14 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-13 23:14 - 2022-04-13 23:14 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 23:14 - 2022-04-13 23:14 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-13 23:14 - 2022-04-13 23:14 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 23:04 - 2022-04-13 23:04 - 000000000 ___HD C:\$WinREAgent
2022-04-07 17:20 - 2022-04-07 17:20 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\AMD
2022-04-07 17:20 - 2022-03-16 03:41 - 000110408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2022-04-05 19:27 - 2022-04-05 19:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\AMD
2022-04-05 19:27 - 2022-04-05 19:27 - 000000000 ____D C:\Users\Petr\AppData\Local\setup
2022-04-05 19:26 - 2022-04-05 19:26 - 000000000 ____D C:\Program Files (x86)\AMD
2022-04-05 19:17 - 2022-04-05 19:17 - 000002622 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2022-04-05 19:17 - 2022-04-05 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2022-04-05 19:17 - 2022-04-05 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-04-05 19:03 - 2022-04-05 19:03 - 000000000 ____D C:\Users\Petr\AppData\Local\AMDSoftwareInstaller
2022-04-05 18:51 - 2022-03-16 03:43 - 001913800 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001913800 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001484744 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001484744 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001446368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 001446368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 001157976 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 001157976 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000798640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000675784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000559536 _____ C:\WINDOWS\system32\GameManager64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000502192 _____ C:\WINDOWS\system32\dgtrayicon.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 000494000 _____ C:\WINDOWS\system32\EEURestart.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 000420784 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000346008 _____ C:\WINDOWS\system32\clinfo.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 000196016 _____ C:\WINDOWS\system32\mantle64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000180144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000179120 _____ C:\WINDOWS\system32\mantleaxl64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000157104 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000142768 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000142744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000092608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000077256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000048560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000045488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000030032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000030032 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 090031536 _____ C:\WINDOWS\system32\amd_comgr.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 074263496 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 001537968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 001415616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 001415616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000892336 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2022-04-05 18:51 - 2022-03-16 03:42 - 000527280 _____ C:\WINDOWS\system32\atieah64.exe
2022-04-05 18:51 - 2022-03-16 03:42 - 000470448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000395184 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2022-04-05 18:51 - 2022-03-16 03:42 - 000262576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000221616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000203552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000168344 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000167984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000151984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000151656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000141232 _____ C:\WINDOWS\system32\atidxx64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000139720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000135088 _____ C:\WINDOWS\system32\amdxc64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000132552 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000122704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000115632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000115120 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000109976 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000072104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 069203376 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 001714232 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 001389744 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000943512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000770968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000560048 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000551944 _____ C:\WINDOWS\system32\amdmiracast.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000468376 _____ C:\WINDOWS\system32\amdlogum.exe
2022-04-05 18:51 - 2022-03-16 03:41 - 000423344 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000178272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000151632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000122728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2022-04-05 18:51 - 2022-03-16 03:40 - 000162088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2022-04-05 18:51 - 2022-03-16 03:40 - 000136840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2022-04-05 18:51 - 2022-03-16 03:16 - 056643200 _____ C:\WINDOWS\system32\amdxc64.so
2022-04-05 18:51 - 2022-03-16 03:16 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2022-04-05 18:51 - 2022-03-16 03:16 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2022-04-05 18:51 - 2022-03-16 03:16 - 000571400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2022-04-05 18:51 - 2022-03-16 03:16 - 000571400 _____ C:\WINDOWS\system32\atiapfxx.blb
2022-04-05 18:51 - 2022-03-16 03:16 - 000010702 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-04 09:49 - 2020-11-26 11:05 - 000000000 ____D C:\FRST
2022-05-04 09:42 - 2019-10-15 17:00 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2022-05-04 09:33 - 2021-04-25 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-04 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-04 09:33 - 2019-10-15 10:32 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-04 03:40 - 2019-11-24 04:03 - 000000000 ____D C:\Program Files\CCleaner
2022-05-02 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-02 15:42 - 2021-04-25 22:33 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-02 15:42 - 2019-12-07 16:41 - 000716632 _____ C:\WINDOWS\system32\perfh005.dat
2022-05-02 15:42 - 2019-12-07 16:41 - 000144810 _____ C:\WINDOWS\system32\perfc005.dat
2022-05-02 15:42 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-02 15:39 - 2021-04-25 22:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-05-02 15:38 - 2021-08-10 11:03 - 000020196 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-05-02 15:38 - 2021-04-25 22:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-02 15:38 - 2020-09-21 15:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-02 15:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-02 15:38 - 2019-10-11 21:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-05-02 15:37 - 2021-04-25 22:32 - 000003172 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2022-05-02 15:36 - 2020-03-25 14:58 - 000000000 ____D C:\AdwCleaner
2022-05-02 15:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-02 14:22 - 2019-10-15 10:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2022-05-02 14:16 - 2019-10-15 11:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2022-05-02 07:45 - 2020-10-19 12:32 - 000000000 ____D C:\Filmy
2022-04-30 21:35 - 2020-07-14 04:46 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-27 23:07 - 2019-10-11 21:30 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2022-04-27 16:44 - 2019-10-11 21:28 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-26 12:47 - 2020-10-19 12:35 - 000000000 ____D C:\hry pred instalaci
2022-04-26 12:46 - 2021-09-12 21:38 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-04-26 11:58 - 2020-10-27 08:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EMPRESS
2022-04-26 11:53 - 2019-10-11 21:30 - 000000000 ____D C:\Users\Petr\AppData\Local\AMD
2022-04-21 21:38 - 2021-03-16 21:33 - 000000000 ____D C:\Users\Petr\AppData\Local\AMD_Common
2022-04-21 02:25 - 2021-12-12 18:35 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4148571483-3592684963-3718319802-1001
2022-04-21 02:25 - 2021-04-25 22:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-04-21 02:25 - 2020-02-06 07:42 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-20 08:16 - 2021-04-25 22:26 - 000000000 ____D C:\Users\Petr
2022-04-20 04:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-20 03:09 - 2020-07-25 08:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-20 03:03 - 2021-04-25 22:32 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-20 03:03 - 2021-04-25 22:32 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-13 23:45 - 2021-04-25 22:25 - 000443832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 23:44 - 2021-04-25 23:11 - 000000000 ____D C:\WINDOWS\en-GB
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 23:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 23:01 - 2019-10-11 21:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 22:59 - 2019-10-11 21:35 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-10 13:52 - 2021-04-26 06:20 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73a117b34c136
2022-04-10 13:52 - 2021-04-25 22:32 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 17:20 - 2019-10-11 21:28 - 000000000 ____D C:\Program Files\AMD
2022-04-06 01:10 - 2020-09-30 22:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-05 19:27 - 2019-10-11 21:27 - 000000000 ____D C:\AMD
2022-04-05 19:17 - 2022-03-22 16:23 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-04-05 19:17 - 2022-03-22 16:23 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
==================== Files in the root of some directories ========
2020-09-21 14:06 - 2019-07-04 21:27 - 000452992 _____ (COMODO) C:\ProgramData\cmdres.dll
2020-04-06 11:56 - 2020-04-06 11:56 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-04-06 11:56 - 2020-04-06 11:56 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-11-12 11:08 - 2020-10-12 15:33 - 017838873 _____ (VS Revo Group) C:\Program Files (x86)\Revo Uninstaller Pro 4.2.3.exe
2020-10-26 00:11 - 2020-08-28 10:46 - 000036105 _____ () C:\Users\Petr\AppData\Local\crx.7z
2020-09-21 13:42 - 2020-09-30 09:43 - 000016438 _____ () C:\Users\Petr\AppData\Local\partner.bmp
2020-11-10 09:48 - 2020-11-12 10:59 - 000003040 _____ () C:\Users\Petr\AppData\Local\PlariumPlay.log
2019-10-11 21:56 - 2019-10-11 21:56 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by Petr (04-05-2022 09:51:36)
Running from D:\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1645 (X64) (2021-04-25 20:32:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4148571483-3592684963-3718319802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4148571483-3592684963-3718319802-503 - Limited - Disabled)
Guest (S-1-5-21-4148571483-3592684963-3718319802-501 - Limited - Disabled)
Petr (S-1-5-21-4148571483-3592684963-3718319802-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4148571483-3592684963-3718319802-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: COMODO Antivirus (Disabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Allway Sync (HKLM\...\{6E2A6AEF-1397-4888-BD6F-4C0D4968014D}) (Version: 20.0.5 - Botkind Inc.)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{567591EE-85F7-4E4D-AE28-FD65FCF4F201}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
CyberLink Ultra HD Blu-ray Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.3201 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.2.29539 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Horizon TV (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c95b0b82c5af06de43630c15663cdf58) (Version: 1.0 - Horizon TV)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
MediaHuman Audio Converter version 1.9.7.13 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7.13 - MediaHuman)
Messenger 73.2.121 (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 73.2.121 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.32 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Outlook Express Backup V6.5 (HKLM-x32\...\Outlook Express Backup_is1) (Version: - Genie-Soft)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version: - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{B526C51D-E228-4AA0-BBBB-42EB7A90631E}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Shadow of the Tomb Raider Cpy Čeština (HKLM-x32\...\{F233C280-925A-422A-91DD-F99B398A76E6}) (Version: 1.0.0 - cpy)
Someday Youll Return (HKLM-x32\...\Someday Youll Return_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Unlocker (HKLM-x32\...\{5577A25D-E4FE-4BFB-A660-E0D766BC4EDD}) (Version: 1.9.2 - ajua Custom Installers)
Update for Skype for Business 2016 (KB5002106) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{CAD6A356-5D93-4C0F-B3B2-2E45264E3F34}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{CAD6A356-5D93-4C0F-B3B2-2E45264E3F34}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{CAD6A356-5D93-4C0F-B3B2-2E45264E3F34}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-26] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-06] (Microsoft Corporation)
PC Health Check -> C:\Program Files\WindowsApps\Microsoft.Windows.PCHealthCheck_3.3.0.0_x64__cw5n1h2txyewy [2021-12-08] (Microsoft Windows)
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09] (Nik Rolls)
Video Converter, Compressor MP4, 3GP, MKV, MOV, AVI - All Formats Media Converter -> C:\Program Files\WindowsApps\8075Queenloft.VideoConverterCompressorMP43GPMKVMOV_1.1.11.0_x64__g5dqhteqemct8 [2022-02-11] (Queenloft)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [BotkindSyncShellExtension] -> {9E2E6460-89FF-452A-A9BA-E62EB80B8539} => C:\Program Files\Allway Sync\Bin\ShellExtension.dll [2020-04-07] () [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-03-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Horizon TV.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
==================== Loaded Modules (Whitelisted) =============
2022-03-09 18:44 - 2022-03-09 18:44 - 018143744 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\avcodec-58.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-03-08 10:57 - 2022-03-08 10:57 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2022-03-08 10:57 - 2022-03-08 10:57 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2022-03-09 18:43 - 2022-03-09 18:43 - 001764864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2021-11-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2022-02-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2020-11-26 12:13 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2D21074F-C974-41F4-A57D-1C1720D5B804}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D1B36E6-56E5-43CA-9899-6F7E736770FD}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFE34C6B-A89C-4D44-94F0-6AC287B8C862}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A424A64C-8889-4CA6-A98C-9444586AA9B0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0D0D985D-B8DC-44A2-A47D-3E100EEA2332}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{92E9A390-8B39-4754-A87F-BAA1DC60CDA2}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F3C53057-7838-46E6-8070-B423ABCE3F54}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{31F8E07C-AD31-4A78-AD9E-7E8BD1E22634}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{3331E4A6-556E-46BF-BEEB-17506B7B692F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0616D40-F28B-4098-9F26-7121D65B12C4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BDF124F-F167-472B-B53F-05236DE6E8C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05579D82-1060-49F2-B7C7-D71E22AFEAF0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AC432F64-0876-40BA-BEEC-65E4B3A96D2C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{830E9726-E213-4B83-B5ED-2A1CE79FA5DC}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7653A6A2-AA42-46D9-AF39-27E1C1CC69C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{25179E20-C49D-4227-936E-42077BC74DB3}D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe] => (Allow) D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{40558C21-E52B-461D-B6A8-D28D95792143}D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe] => (Allow) D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe (Rockstar Games) [File not signed]
==================== Restore Points =========================
26-04-2022 22:53:30 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/02/2022 03:39:59 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (05/02/2022 02:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x1714
Čas spuštění chybující aplikace: 0x01d85cdec1a4c850
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 95b59cf7-8398-4ec9-a763-2ced210532bf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/29/2022 07:47:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x2874
Čas spuštění chybující aplikace: 0x01d85b29c41dd480
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 291ccff9-4bfd-4d1f-88ac-7726c2f3a2a6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/28/2022 04:45:02 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (04/27/2022 04:29:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x189c
Čas spuštění chybující aplikace: 0x01d85a3c4caeb2d8
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 76b2fdc4-df86-48f3-95ac-8e5ea5e3f4c8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/27/2022 03:34:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x114
Čas spuštění chybující aplikace: 0x01d859a5baf24fe9
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b8cc5b74-e6fe-4a7a-8d0f-3ac84e2f5a1f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/26/2022 08:46:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x311c
Čas spuštění chybující aplikace: 0x01d8599d3c17413a
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 50fd166d-005f-4d89-8beb-cb4bb6f65ed6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/26/2022 12:48:44 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
System errors:
=============
Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba isesrv byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Botkind Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD Crash Defender Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/26/2022 03:18:16 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (04/25/2022 10:43:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (04/24/2022 09:35:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
CodeIntegrity:
===============
Date: 2022-05-04 09:48:06
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1804 07/29/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 75%
Total physical RAM: 8128.72 MB
Available physical RAM: 2004.68 MB
Total Virtual: 16257.44 MB
Available Virtual: 3257.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.91 GB) (Free:14.35 GB) NTFS
Drive d: () (Fixed) (Total:447.13 GB) (Free:4.83 GB) NTFS
\\?\Volume{06f3911c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 06F39101)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 06F3911C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
ahoj,
citat"
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
citat"
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txtFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
Ahoj. Spustím poznámkový blok, zkopíruju do něj text, dám uložit jako fixlist.txt a uložím vedle FRST a vyskočí mi hláška - viz. příloha ... log se nevytvoří...
- Přílohy
-
- Bez názvu.jpg (70.62 KiB) Zobrazeno 4004 x
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
Skontroluj, aby oba subory frst.exe aj fixlist.txt boli na pracovnej ploche
Podla obrazku tam mas zastupcov - subory su niekde inde
Podla obrazku tam mas zastupcov - subory su niekde inde
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
Díky.Pro příště jsem poučen. A přikládám fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by Petr (06-05-2022 07:45:54) Run:2
Running from C:\Users\Petr\OneDrive\Plocha
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION
EmptyTemp:
Reboot:
End
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be542a36-a650-11eb-9d45-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be542a4b-a650-11eb-9d45-40b0765e7062} => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{596FB038-E37F-4C52-B656-2EE2B5BAC0F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{596FB038-E37F-4C52-B656-2EE2B5BAC0F7}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AE3746B-8119-4786-A2BF-4C042AF0A679}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE3746B-8119-4786-A2BF-4C042AF0A679}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetFramework\Microsoft .NET Framework" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C35DB636-CB33-41F9-AF48-561E8F849516}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C35DB636-CB33-41F9-AF48-561E8F849516}" => removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE219F6F-E670-42B8-9944-A2083F1B0BF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE219F6F-E670-42B8-9944-A2083F1B0BF9}" => removed successfully
C:\WINDOWS\System32\Tasks\ByteFence => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence" => removed successfully
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E52EB04F-A13D-43D5-9702-ADB0938DF6DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52EB04F-A13D-43D5-9702-ADB0938DF6DB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28863400 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 60120671 B
Edge => 0 B
Chrome => 163840 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10706 B
NetworkService => 30468 B
Petr => 1619994 B
RecycleBin => 917 B
EmptyTemp: => 87.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:45:59 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by Petr (06-05-2022 07:45:54) Run:2
Running from C:\Users\Petr\OneDrive\Plocha
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION
EmptyTemp:
Reboot:
End
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be542a36-a650-11eb-9d45-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be542a4b-a650-11eb-9d45-40b0765e7062} => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{596FB038-E37F-4C52-B656-2EE2B5BAC0F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{596FB038-E37F-4C52-B656-2EE2B5BAC0F7}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AE3746B-8119-4786-A2BF-4C042AF0A679}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE3746B-8119-4786-A2BF-4C042AF0A679}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetFramework\Microsoft .NET Framework" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C35DB636-CB33-41F9-AF48-561E8F849516}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C35DB636-CB33-41F9-AF48-561E8F849516}" => removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE219F6F-E670-42B8-9944-A2083F1B0BF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE219F6F-E670-42B8-9944-A2083F1B0BF9}" => removed successfully
C:\WINDOWS\System32\Tasks\ByteFence => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence" => removed successfully
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E52EB04F-A13D-43D5-9702-ADB0938DF6DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52EB04F-A13D-43D5-9702-ADB0938DF6DB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28863400 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 60120671 B
Edge => 0 B
Chrome => 163840 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10706 B
NetworkService => 30468 B
Petr => 1619994 B
RecycleBin => 917 B
EmptyTemp: => 87.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:45:59 ====
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
OK, vycistene - je este nejaky problem 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
moc dlouho jsem čekat nemusel a je to tu znovu. viz. příloha
- Přílohy
-
- virus 2.jpg (43.96 KiB) Zobrazeno 3979 x
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
preventivne prescanuj s NPE https://support.norton.com/sp/static/ex ... s/npe.html
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
přeskenováno...nic nenašel.
- Přílohy
-
- virus3.jpg (27.99 KiB) Zobrazeno 3974 x
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
pripada mi to ako falosna hlaska o viruse
mas tam nainstalovany McAfee na ktory sa odvolava
mas tam nainstalovany McAfee na ktory sa odvolava
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
ne, nemám... je to nějaký pop-up..jediný co použžívám je Comodo anti virus. Každopádně to vyskakuje, a to určitě není v pořádku. Sám si s tím ovšem neporadím...Proto jsem taky tady 
toto mi našel Malwares bytes před 4mi dny (to jsem si už myslel,že už bude vše v pořádku - ale není) Teď mi Malwares bytes hlásí , že nic nevidí.
toto mi našel Malwares bytes před 4mi dny (to jsem si už myslel,že už bude vše v pořádku - ale není) Teď mi Malwares bytes hlásí , že nic nevidí.
- Přílohy
-
- virus 4.jpg (57.6 KiB) Zobrazeno 3967 x
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
je potrebne zistit, co tuto hlasku vyvolava
pravdepodobne niektory internetovy prehliadac, skus ho docasne zmenit na niektory z dvojice Edge-Firefox
pravdepodobne niektory internetovy prehliadac, skus ho docasne zmenit na niektory z dvojice Edge-Firefox
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
Teď nechápu...To jako, že si mám nastavit jiný "domovsjý prohlížeč" ? Teď mám nastaven Edge
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
ano dobre si pochopil docasne namiesto Edge pouzivaj Firefox a sleduj, ci znovu vyskoci hlaska o viruse
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.
O.k....stáhnul jsem Firefox a dal jej jako výchozí...Jen mám dotaz...pokud se hláška objevovat nebude,co to pro mě znamená?..Já chci nadále používat Edge. Nicméně,teď tedy počkám, zda se to bude objevovat nebo ne.
Přispějete na provoz fóra?