Dobrý den,
kamarád se na mě obrátil ohledně výpadků internetu, s ISP to řešil a u něj je všechno v pořádku.
Díky moc za rady.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Slávek (26-07-2022 18:04:50)
Running from C:\Users\Slávek\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-01-06 19:25:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-135731915-3674959227-2928559306-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-135731915-3674959227-2928559306-503 - Limited - Disabled)
Guest (S-1-5-21-135731915-3674959227-2928559306-501 - Limited - Disabled)
Slávek (S-1-5-21-135731915-3674959227-2928559306-1001 - Administrator - Enabled) => C:\Users\Slávek
WDAGUtilityAccount (S-1-5-21-135731915-3674959227-2928559306-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.02 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 103.0.17593.116 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1208.2 - Piriform Software) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.259.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.77.5342 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation)
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Outlook (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.31.5 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Companion (HKLM-x32\...\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}) (Version: 7.0.2417.4248 - Lavasoft)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.6.385.0_x64__ynb6jyjzte8ga [2022-03-17] (Adobe Inc.)
Cradle of Empires -> C:\Program Files\WindowsApps\AWEMGAMESLTD.CradleofEmpires_7.50.670.0_x86__bk6jmky90x9y4 [2022-07-02] (AWEM GAMES LTD)
Crime Mysteries™: Find hidden objects & match 3 puzzle -> C:\Program Files\WindowsApps\828B5831.CrimeMysteriesMatch-3Cases_1.24.2600.0_x86__ytsefhwckbdv6 [2022-07-14] (G5 Entertainment AB)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.14.67.0_x64__rz1tebttyb220 [2022-07-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Emperor of Mahjong: Match tiles & restore a city -> C:\Program Files\WindowsApps\828B5831.JewelsofMahjongMatchtilesrestorethecity_1.27.2700.0_x64__ytsefhwckbdv6 [2022-07-02] (G5 Entertainment AB)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.1_neutral__2vp2pd36ganw2 [2022-05-28] (excel.office.com)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6 [2022-07-23] (G5 Entertainment AB)
Jewels of Rome: Match gems to restore the city -> C:\Program Files\WindowsApps\828B5831.JewelsofRomeMatchgemstorestorethecity_1.37.3700.0_x64__ytsefhwckbdv6 [2022-07-02] (G5 Entertainment AB)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.6090.0_x64__8wekyb3d8bbwe [2022-06-24] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-10] (Microsoft Studios) [MS Ad]
Pinterest -> C:\Program Files\WindowsApps\1424566A.147190DF3DE79_1.0.20.0_neutral__5byw4zywtsh80 [2021-05-02] (Pinterest Inc.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.103.0_x64__pwbj9vvecjh7j [2022-07-20] (Amazon Development Centre (London) Ltd)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.536.453.0_x86__55nm5eh3cm0pr [2022-07-24] (ROBLOX Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0 [2022-07-22] (Spotify AB) [Startup Task]
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.5_neutral__jc2kecmnkxwqc [2022-05-28] (word.office.com)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
==================== Loaded Modules (Whitelisted) =============
2021-01-06 23:08 - 2009-12-12 16:12 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-08-02 07:42:17&iid=085e8f3e-9df1-4ed5-a199-071c0c49f451&bName=
SearchScopes: HKU\S-1-5-21-135731915-3674959227-2928559306-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 81.25.28.250 - 81.25.16.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "RtsFT"
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_EB48762BEBE5EC73BAF6051F4BC9B411"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{B4B351BC-49AB-49DC-B556-742B954B855F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{72B70D9F-3542-4BF5-B4D4-C414F0B6236C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6729B41D-9403-4538-B1DC-C92897A3D606}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CD1043AA-7AD7-4DE6-85BC-4DCC8C66409F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{25CA59C9-D0E7-4356-85C6-EEC5D052BDC8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1DC6080A-F487-4F1A-AA73-E7D36005DCA0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BBCA9EB6-D8A9-4515-8534-27E5E09EE9E4}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{81091E96-C64C-4FFC-BE34-969D82FF43C9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{293B5A51-1A94-40E0-B858-85CD15B2B237}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA912668-5969-4A61-8445-1002C21E43CC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FD1D709B-5E92-4EEC-8DE3-0ECB642195EF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87212063-16F4-4C9A-A00F-17FAD1132603}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14F41831-6758-4444-BC7C-2473EE75333E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5759E490-0BF3-4B36-A92D-866639B907CD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3F58B1BC-B6EC-4B8D-A32C-5D4DD7D42572}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{751728B6-00A7-448B-B86A-890A4467829F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14CCF434-8B9E-4999-85D7-B0024EC9FE1A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85B5C02E-B846-49A7-B59D-482A8BF809FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FC3BB0AB-EF69-4255-9F05-1995063ACCE8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7227B828-A72D-4CBB-BD8F-E2FB1ECDC2A9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F9476F48-D57C-4744-912D-F93B5CF6195D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2F61CEF2-B9E9-42D8-89A0-C74BCCB50495}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DFD31397-1E0D-46BC-9FEC-B78681425E44}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{38509A54-407D-436D-823B-39DEDFA3DE9A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A640188E-EFF8-4937-AA02-608D950861FE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{366E313D-EACE-4F65-B9E1-A89715DAF1C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BBF8C7B8-065A-4401-ACCA-828FE340163B}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{4F288520-1BF1-4485-81D4-E366800488DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3329763D-CFAC-4275-B3A6-A93986A00BE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{639BA18B-4458-4B3B-A39A-3AA1AEFD69C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95BBAB29-0F25-4460-B2A2-86A30186E4F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B8F6AED-23C0-4912-B090-E5B4BA9461C4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{125FE7C9-598E-4C6D-881F-64DAA7893888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE74597D-4C27-4D5A-8EA8-CD7754A8B246}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{71C6435F-7B2A-46A5-B348-A41153045555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A853513B-7DE7-4AAA-B691-27FF310B6610}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC6B059E-7AE2-4B23-9EF9-66FC641C4FFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9A3E44A3-A5AA-4C37-8BE1-6471E550AE63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C2FEF9B-CB73-4733-B590-E13B7A609C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C84B8D8E-5C48-4F59-91DC-138B4141F94A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{185B1408-9A6B-4AC5-B5F8-A5A3CCE2FC42}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B35BDCB-1F96-4D6E-9FCE-DF2D309DE198}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4110ABA3-7A4D-490D-9AB3-8E122FC5922C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{464A8D48-3C62-43B4-8A01-2933E52D3059}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
15-07-2022 21:49:03 Naplánovaný kontrolní bod
25-07-2022 09:26:26 Naplánovaný kontrolní bod
25-07-2022 17:29:41 Installed Intel(R) Wireless Bluetooth(R)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/26/2022 05:39:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1806 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2790
Čas spuštění: 01d8a047e6d73eff
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 93e0a984-faee-4c0c-b668-7aaf1ee036d8
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (07/26/2022 02:21:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HiddenCityUWP.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: ef8
Čas spuštění: 01d8a0ea006d866f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6\HiddenCityUWP.exe
ID hlášení: a2e11568-ac58-4f28-95c8-91179bb979da
Úplný název balíčku s chybou: 828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Cross-thread
Error: (07/26/2022 02:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.822.6271.0, časové razítko: 0x62b9e0ef
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1826, časové razítko: 0x299341e8
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010fb62
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0x01d8a0e9b7b7176b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 5da822e7-d4ba-409b-9b52-34123f375f42
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/25/2022 06:04:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WWAHost.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2030
Čas spuštění: 01d8a03fc605055f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\System32\WWAHost.exe
ID hlášení: 90fbf380-bec0-4ce7-bf70-28a45ec0daee
Úplný název balíčku s chybou: Microsoft.Windows.CloudExperienceHost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/24/2022 09:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1806 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 334c
Čas spuštění: 01d89dcd861adcef
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 39d1052e-0fd8-4017-9479-8eddd9bd2a21
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (07/23/2022 01:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.822.6271.0, časové razítko: 0x62b9e0ef
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1826, časové razítko: 0x299341e8
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010fb62
ID chybujícího procesu: 0x1a68
Čas spuštění chybující aplikace: 0x01d89e84a365661b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: bb122b6b-f5a1-44a6-93d6-5ebb23c4cc51
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/23/2022 01:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Solitaire.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3214
Čas spuštění: 01d89da36e46314a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe\Solitaire.exe
ID hlášení: 40db5ad1-370e-45d2-a9d5-50b773fa1fc9
Úplný název balíčku s chybou: Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/22/2022 09:07:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Seagate Backup Plus Drive (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (07/25/2022 06:52:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/25/2022 06:51:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.
Error: (07/25/2022 06:49:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
Error: (07/25/2022 06:47:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (07/25/2022 06:44:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (07/25/2022 06:40:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WCAssistantService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/25/2022 06:40:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby WCAssistantService bylo dosaženo časového limitu (45000 ms).
Error: (07/25/2022 05:51:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
Windows Defender:
================
Date: 2021-08-01 19:00:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BF802CFF-3DC1-47DD-9832-C66CD50444EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-30 19:41:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5F859083-50C7-43E7-A80B-A87B59D04B93}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-29 19:40:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F664EA66-4628-4B62-9C3C-12648E109614}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-28 23:17:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A862A88-5B48-4DBF-9724-A8C30F363D48}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-27 19:40:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3356D95A-7BB1-4E30-A6F2-6108C48DF795}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-07-26 14:57:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-07-26 12:38:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO B0CN72WW 01/27/2015
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 90%
Total physical RAM: 4016.45 MB
Available physical RAM: 367.23 MB
Total Virtual: 10160.45 MB
Available Virtual: 4876.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.03 GB) (Free:350.34 GB) (Model: HGST HTS541075A9E680) NTFS
Drive d: (Seagate Backup Plus Drive) (Fixed) (Total:9313.87 GB) (Free:2107.75 GB) (Model: Seagate Backup+ Hub BK SCSI Disk Device) NTFS
Drive f: (Elements) (Fixed) (Total:2794.49 GB) (Free:1340.54 GB) (Model: WD Elements 25A2 USB Device) NTFS
\\?\Volume{2ee95c4e-a3f8-49ed-8b2f-6604bdb01ed3}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa9f589d-4880-4d85-b6cb-bbcc39917bc5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00A32510)
Partition: GPT.
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 2 (Size: 9314 GB) (Disk ID: 232B46A9)
Partition: GPT.
==================== End of Addition.txt =======================
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe\Solitaire.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213760 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [37054552 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-08-02] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [CCleanerBrowserAutoLaunch_EB48762BEBE5EC73BAF6051F4BC9B411] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [MicrosoftEdgeAutoLaunch_F3281F16D0281E948AF7375C79C3D58C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601832 2022-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File)
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\Windows\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\Installer\chrmstp.exe [2022-07-13] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-22] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E6A892E-35C4-4AF8-9EE2-948687B19325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {0F58B38F-3FE9-4CA6-9F5D-9944B783797B} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
Task: {3B1432E1-FCFE-4B07-973F-EFF3982A0548} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
Task: {71D4E029-ACF3-42B8-B249-5B455C031F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {88D9057F-E34E-4C4D-9737-ECD6E29ADEED} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4938496 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A56CE2B6-C253-4F07-A94E-9B5DE0C700A6} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
Task: {A727AA52-291E-42E5-9E8B-6D6357FF84E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {C6660898-B91C-4A87-98A1-DD49379DE281} - System32\Tasks\CCleanerSkipUAC - Slávek => C:\Program Files\CCleaner\CCleaner.exe [31101528 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0CEEE21-C3A1-431F-A3EE-58411CA168CC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
Task: {FE7C3E25-73BD-48B8-A4CD-70DEF8D83598} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-07-18] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.25.28.250 81.25.16.250
Tcpip\..\Interfaces\{52d6a99c-e91b-45b8-b01d-2805788e3765}: [DhcpNameServer] 81.25.28.250 81.25.16.250
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-26]
Edge Extension: (Outlook) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-06]
Edge Extension: (Word) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-06]
Edge Extension: (Excel) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-06]
Edge Extension: (PowerPoint) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-06]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [2022-06-23] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [2022-06-23] (Piriform Software Ltd -> Piriform Software)
Chrome:
=======
CHR Profile: C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default [2022-07-08]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-06]
CHR Extension: (Dokumenty) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-06]
CHR Extension: (Disk Google) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-06]
CHR Extension: (YouTube) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-06]
CHR Extension: (Tabulky) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-06]
CHR Profile: C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8486968 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [590080 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589056 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-02] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\elevation_service.exe [1991960 2022-07-05] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16184216 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UIUService; C:\Windows\SysWOW64\UIUSrv.exe [105984 2021-01-06] (Conexant Systems, Inc.) [File not signed]
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-08-02] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [41832 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235584 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [385560 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [258072 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [104976 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25048 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [47976 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274536 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [553928 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [113984 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [89056 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [860416 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [668208 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221528 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324864 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-26 17:50 - 2022-07-26 17:53 - 000021104 _____ C:\Users\Slávek\Desktop\FRST.txt
2022-07-26 17:49 - 2022-07-26 17:52 - 000000000 ____D C:\FRST
2022-07-26 17:48 - 2022-07-26 17:48 - 002369536 _____ (Farbar) C:\Users\Slávek\Desktop\FRST64(1).exe
2022-07-26 17:10 - 2022-07-26 17:20 - 2667853498 _____ C:\Users\Slávek\Downloads\Laska.na.spickach.2021.1080p.x264 CZ.mkv
2022-07-26 16:42 - 2022-07-26 16:42 - 000002151 _____ C:\Users\Slávek\Desktop\Goodgame Empire.lnk
2022-07-26 00:06 - 2022-07-26 18:04 - 1889533952 _____ C:\Users\Slávek\Downloads\Láska našpičkách-2021-CZ-VLHY.mkv.crdownload
2022-07-25 18:22 - 2022-07-25 18:22 - 000000000 ____D C:\Windows\LastGood
2022-07-25 17:32 - 2022-07-25 17:32 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-07-25 17:31 - 2022-07-25 17:31 - 000000000 ____D C:\Program Files (x86)\Intel
2022-07-25 17:07 - 2022-07-25 17:16 - 000000000 ____D C:\Users\Slávek\AppData\Local\TeamViewer
2022-07-25 17:06 - 2022-07-26 17:27 - 000000000 ____D C:\Program Files\TeamViewer
2022-07-25 17:06 - 2022-07-25 17:06 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-07-25 17:06 - 2022-07-25 17:06 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-07-25 17:06 - 2022-07-25 17:06 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\TeamViewer
2022-07-16 17:22 - 2022-07-16 17:22 - 002794373 _____ C:\Users\Slávek\Documents\Občan Havel.pdf
2022-07-14 06:58 - 2022-07-14 06:58 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-07-14 06:58 - 2022-07-14 06:58 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mode.com
2022-07-14 06:58 - 2022-07-14 06:58 - 000018944 _____ C:\Windows\SysWOW64\WsdProviderUtil.dll
2022-07-14 06:58 - 2022-07-14 06:58 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tree.com
2022-07-14 06:58 - 2022-07-14 06:58 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chcp.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000693248 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-07-14 06:57 - 2022-07-14 06:57 - 000270848 _____ C:\Windows\system32\EsclScan.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000152064 _____ C:\Windows\system32\EsclProtocol.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mode.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\tree.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\chcp.com
2022-07-14 06:56 - 2022-07-14 06:56 - 000011811 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-07-14 06:55 - 2022-07-14 06:55 - 000061952 _____ C:\Windows\system32\printticketvalidation.dll
2022-07-14 06:55 - 2022-07-14 06:55 - 000057344 _____ C:\Windows\system32\APMonUI.dll
2022-07-14 06:53 - 2022-07-14 06:53 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-07-14 06:53 - 2022-07-14 06:53 - 000024576 _____ C:\Windows\system32\WsdProviderUtil.dll
2022-07-14 06:52 - 2022-07-14 06:52 - 000640512 _____ C:\Windows\system32\SettingSyncDownloadHelper.dll
2022-07-14 06:52 - 2022-07-14 06:52 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-07-14 05:33 - 2022-07-14 05:33 - 000000000 ___HD C:\$WinREAgent
2022-07-12 20:30 - 2022-07-12 20:29 - 000270592 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-07-12 20:30 - 2022-07-12 20:29 - 000221528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-07-04 10:27 - 2022-07-04 11:34 - 000000000 ____D C:\Users\Slávek\Documents\povidky
2022-07-02 09:43 - 2022-07-02 09:43 - 000075180 _____ C:\Users\Slávek\Downloads\vf135422022.isdocx
2022-06-27 18:00 - 2022-06-27 18:00 - 000025048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-26 17:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-26 17:03 - 2021-01-06 21:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-07-26 17:02 - 2021-01-06 23:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-26 16:43 - 2022-05-21 23:13 - 000000000 ____D C:\Users\Slávek\Downloads\ULOŽÍT do nových seriálů
2022-07-26 16:42 - 2021-08-02 09:40 - 000000000 _____ C:\end
2022-07-26 16:41 - 2021-08-02 09:39 - 000003672 _____ C:\nsispromotion_log.txt
2022-07-26 16:04 - 2021-07-02 15:49 - 000004212 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{79C6F87A-BF76-4C3E-A581-0777AD1171AA}
2022-07-26 16:01 - 2021-07-02 15:53 - 000000000 ____D C:\Program Files\CCleaner
2022-07-26 14:20 - 2022-06-23 17:01 - 000003104 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-07-26 14:20 - 2022-06-23 17:01 - 000002622 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2022-07-26 14:20 - 2022-06-23 17:00 - 000003456 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-07-26 14:20 - 2022-06-23 17:00 - 000003232 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-07-26 14:20 - 2021-12-11 12:34 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-135731915-3674959227-2928559306-1001
2022-07-26 14:20 - 2021-08-19 10:12 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Slávek
2022-07-26 14:20 - 2021-08-02 22:46 - 000000000 ____D C:\Users\Slávek\AppData\Local\CrashDumps
2022-07-26 14:20 - 2021-08-02 09:49 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-07-26 14:20 - 2021-07-30 15:48 - 000000000 ____D C:\Users\Slávek\AppData\Local\ClassicShell
2022-07-26 14:20 - 2021-07-02 15:53 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-07-26 14:20 - 2021-01-06 23:09 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-07-26 14:20 - 2021-01-06 23:09 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-07-26 14:20 - 2021-01-06 22:56 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-26 14:20 - 2021-01-06 22:56 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-26 14:20 - 2021-01-06 21:52 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-135731915-3674959227-2928559306-1001
2022-07-26 14:01 - 2022-02-12 23:41 - 000000000 ____D C:\Users\Slávek\Downloads\Prozatím
2022-07-26 11:57 - 2021-01-06 21:28 - 000002380 _____ C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-26 11:50 - 2021-01-06 21:29 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-26 11:50 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-07-26 11:50 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-07-26 11:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-07-26 00:31 - 2021-08-02 09:48 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-07-25 19:13 - 2021-01-06 21:41 - 000000000 ____D C:\Intel
2022-07-25 18:42 - 2021-08-02 09:41 - 000000000 ____D C:\ProgramData\Avast Software
2022-07-25 18:38 - 2021-01-06 21:46 - 000000000 __SHD C:\Users\Slávek\IntelGraphicsProfiles
2022-07-25 18:38 - 2021-01-06 21:41 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-25 18:37 - 2021-01-06 21:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-25 18:37 - 2021-01-06 21:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-25 18:37 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2022-07-25 17:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-07-25 17:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-25 17:44 - 2021-01-06 21:16 - 000446160 _____ C:\Windows\system32\FNTCACHE.DAT
2022-07-24 22:32 - 2021-01-06 22:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-24 22:32 - 2021-01-06 22:57 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-24 17:49 - 2021-01-06 23:13 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\vlc
2022-07-24 15:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-07-24 15:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2022-07-22 04:05 - 2021-01-06 23:10 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-22 04:05 - 2021-01-06 23:10 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-20 22:11 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-07-14 06:51 - 2021-01-06 21:19 - 003010560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-07-14 05:28 - 2021-01-06 21:41 - 000000000 ____D C:\Windows\system32\MRT
2022-07-14 05:21 - 2021-01-06 21:40 - 146546848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-07-13 21:09 - 2022-06-23 17:01 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-07-13 21:09 - 2022-06-23 17:01 - 000002352 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2022-07-13 21:09 - 2022-06-23 16:59 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-07-12 20:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-07-12 20:29 - 2021-08-02 09:48 - 000860416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000668208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000553928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000385560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000324864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000274536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000258072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000113984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000104976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000089056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000047976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-07-06 00:23 - 2021-05-17 11:05 - 000092920 _____ C:\Users\Slávek\AppData\Local\GDIPFONTCACHEV1.DAT
2022-07-01 10:08 - 2022-05-22 11:55 - 000000000 ____D C:\Users\Slávek\Documents\GOMPlayer
2022-07-01 00:57 - 2022-06-21 11:26 - 000000000 ____D C:\Users\Slávek\Downloads\Nové seriály
2022-06-27 18:21 - 2021-01-06 21:29 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories ========
2022-07-26 16:42 - 2022-07-26 16:42 - 000370070 _____ () C:\Users\Slávek\AppData\Roaming\logo_empire_desktop.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Výpadky internetu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Výpadky internetu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Výpadky internetu
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-26-2022
# Duration: 00:00:25
# OS: Windows 10 Home
# Scanned: 32053
# Detected: 19
***** [ Services ] *****
PUP.Optional.Legacy WCAssistantService
***** [ Folders ] *****
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Slávek\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
PUP.Optional.WebCompanion C:\Users\Slávek\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
PUP.Optional.Legacy C:\END
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|UninstallString
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-26-2022
# Duration: 00:00:16
# OS: Windows 10 Home
# Cleaned: 19
# Failed: 0
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Slávek\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted C:\Users\Slávek\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|UninstallString
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3307 octets] - [26/07/2022 21:02:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-26-2022
# Duration: 00:00:25
# OS: Windows 10 Home
# Scanned: 32053
# Detected: 19
***** [ Services ] *****
PUP.Optional.Legacy WCAssistantService
***** [ Folders ] *****
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Slávek\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
PUP.Optional.WebCompanion C:\Users\Slávek\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
PUP.Optional.Legacy C:\END
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|UninstallString
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-26-2022
# Duration: 00:00:16
# OS: Windows 10 Home
# Cleaned: 19
# Failed: 0
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Slávek\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted C:\Users\Slávek\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f11aa0f2-815b-4aa8-9f6e-ca75d28e0428}|UninstallString
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3307 octets] - [26/07/2022 21:02:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Výpadky internetu
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Výpadky internetu
Díky 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-07-2022
Ran by Slávek (administrator) on DESKTOP-CPRA0SF (LENOVO 80L0) (26-07-2022 22:08:52)
Running from C:\Users\Slávek\Desktop
Loaded Profiles: Slávek
Platform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213760 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [37054552 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [CCleanerBrowserAutoLaunch_EB48762BEBE5EC73BAF6051F4BC9B411] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [MicrosoftEdgeAutoLaunch_F3281F16D0281E948AF7375C79C3D58C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601832 2022-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File)
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\Windows\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\Installer\chrmstp.exe [2022-07-13] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-22] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E6A892E-35C4-4AF8-9EE2-948687B19325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {0F58B38F-3FE9-4CA6-9F5D-9944B783797B} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
Task: {3B1432E1-FCFE-4B07-973F-EFF3982A0548} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
Task: {71D4E029-ACF3-42B8-B249-5B455C031F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {88D9057F-E34E-4C4D-9737-ECD6E29ADEED} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4938496 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A56CE2B6-C253-4F07-A94E-9B5DE0C700A6} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
Task: {A727AA52-291E-42E5-9E8B-6D6357FF84E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {C6660898-B91C-4A87-98A1-DD49379DE281} - System32\Tasks\CCleanerSkipUAC - Slávek => C:\Program Files\CCleaner\CCleaner.exe [31101528 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0CEEE21-C3A1-431F-A3EE-58411CA168CC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
Task: {FE7C3E25-73BD-48B8-A4CD-70DEF8D83598} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-07-18] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.25.28.250 81.25.16.250
Tcpip\..\Interfaces\{52d6a99c-e91b-45b8-b01d-2805788e3765}: [DhcpNameServer] 81.25.28.250 81.25.16.250
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-26]
Edge Extension: (Outlook) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-06]
Edge Extension: (Word) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-06]
Edge Extension: (Excel) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-06]
Edge Extension: (PowerPoint) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-06]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [2022-06-23] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [2022-06-23] (Piriform Software Ltd -> Piriform Software)
Chrome:
=======
CHR Profile: C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default [2022-07-08]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-06]
CHR Extension: (Dokumenty) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-06]
CHR Extension: (Disk Google) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-06]
CHR Extension: (YouTube) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-06]
CHR Extension: (Tabulky) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-06]
CHR Profile: C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8486968 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [590080 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589056 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-02] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\elevation_service.exe [1991960 2022-07-05] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16241056 2022-07-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 UIUService; C:\Windows\SysWOW64\UIUSrv.exe [105984 2021-01-06] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [41832 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235584 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [385560 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [258072 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [104976 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25048 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [47976 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274536 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [553928 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [113984 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [89056 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [860416 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [668208 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221528 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324864 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-26 21:01 - 2022-07-26 21:04 - 000000000 ____D C:\AdwCleaner
2022-07-26 20:36 - 2022-07-26 20:47 - 1256375627 _____ C:\Users\Slávek\Downloads\ZOO 47.DÍL Konec jedné éry(SERIÁL CZ)2022.MP4.mp4
2022-07-26 18:54 - 2022-07-26 18:54 - 008551608 _____ (Malwarebytes) C:\Users\Slávek\Desktop\adwcleaner.exe
2022-07-26 18:04 - 2022-07-26 18:15 - 000038611 _____ C:\Users\Slávek\Desktop\Addition.txt
2022-07-26 17:50 - 2022-07-26 22:11 - 000018368 _____ C:\Users\Slávek\Desktop\FRST.txt
2022-07-26 17:49 - 2022-07-26 22:10 - 000000000 ____D C:\FRST
2022-07-26 17:48 - 2022-07-26 17:48 - 002369536 _____ (Farbar) C:\Users\Slávek\Desktop\FRST64(1).exe
2022-07-25 18:22 - 2022-07-25 18:22 - 000000000 ____D C:\Windows\LastGood
2022-07-25 17:32 - 2022-07-25 17:32 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-07-25 17:31 - 2022-07-25 17:31 - 000000000 ____D C:\Program Files (x86)\Intel
2022-07-25 17:07 - 2022-07-25 17:16 - 000000000 ____D C:\Users\Slávek\AppData\Local\TeamViewer
2022-07-25 17:06 - 2022-07-26 18:51 - 000000000 ____D C:\Program Files\TeamViewer
2022-07-25 17:06 - 2022-07-25 17:06 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-07-25 17:06 - 2022-07-25 17:06 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-07-25 17:06 - 2022-07-25 17:06 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\TeamViewer
2022-07-16 17:22 - 2022-07-16 17:22 - 002794373 _____ C:\Users\Slávek\Documents\Občan Havel.pdf
2022-07-14 06:58 - 2022-07-14 06:58 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-07-14 06:58 - 2022-07-14 06:58 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mode.com
2022-07-14 06:58 - 2022-07-14 06:58 - 000018944 _____ C:\Windows\SysWOW64\WsdProviderUtil.dll
2022-07-14 06:58 - 2022-07-14 06:58 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tree.com
2022-07-14 06:58 - 2022-07-14 06:58 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chcp.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000693248 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-07-14 06:57 - 2022-07-14 06:57 - 000270848 _____ C:\Windows\system32\EsclScan.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000152064 _____ C:\Windows\system32\EsclProtocol.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mode.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\tree.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\chcp.com
2022-07-14 06:56 - 2022-07-14 06:56 - 000011811 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-07-14 06:55 - 2022-07-14 06:55 - 000061952 _____ C:\Windows\system32\printticketvalidation.dll
2022-07-14 06:55 - 2022-07-14 06:55 - 000057344 _____ C:\Windows\system32\APMonUI.dll
2022-07-14 06:53 - 2022-07-14 06:53 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-07-14 06:53 - 2022-07-14 06:53 - 000024576 _____ C:\Windows\system32\WsdProviderUtil.dll
2022-07-14 06:52 - 2022-07-14 06:52 - 000640512 _____ C:\Windows\system32\SettingSyncDownloadHelper.dll
2022-07-14 06:52 - 2022-07-14 06:52 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-07-14 05:33 - 2022-07-14 05:33 - 000000000 ___HD C:\$WinREAgent
2022-07-12 20:30 - 2022-07-12 20:29 - 000270592 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-07-12 20:30 - 2022-07-12 20:29 - 000221528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-07-04 10:27 - 2022-07-04 11:34 - 000000000 ____D C:\Users\Slávek\Documents\povidky
2022-07-02 09:43 - 2022-07-02 09:43 - 000075180 _____ C:\Users\Slávek\Downloads\vf135422022.isdocx
2022-06-27 18:00 - 2022-06-27 18:00 - 000025048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-26 22:02 - 2021-01-06 23:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-26 21:53 - 2021-01-06 21:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-07-26 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-07-26 21:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-26 21:04 - 2021-08-02 09:42 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:42 - 000000000 ____D C:\Users\Slávek\AppData\Local\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:41 - 000000000 ____D C:\ProgramData\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:41 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2022-07-26 20:34 - 2022-02-12 23:41 - 000000000 ____D C:\Users\Slávek\Downloads\Prozatím
2022-07-26 16:43 - 2022-05-21 23:13 - 000000000 ____D C:\Users\Slávek\Downloads\ULOŽÍT do nových seriálů
2022-07-26 16:41 - 2021-08-02 09:39 - 000003672 _____ C:\nsispromotion_log.txt
2022-07-26 16:04 - 2021-07-02 15:49 - 000004212 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{79C6F87A-BF76-4C3E-A581-0777AD1171AA}
2022-07-26 16:01 - 2021-07-02 15:53 - 000000000 ____D C:\Program Files\CCleaner
2022-07-26 14:20 - 2022-06-23 17:01 - 000003104 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-07-26 14:20 - 2022-06-23 17:01 - 000002622 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2022-07-26 14:20 - 2022-06-23 17:00 - 000003456 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-07-26 14:20 - 2022-06-23 17:00 - 000003232 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-07-26 14:20 - 2021-12-11 12:34 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-135731915-3674959227-2928559306-1001
2022-07-26 14:20 - 2021-08-19 10:12 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Slávek
2022-07-26 14:20 - 2021-08-02 22:46 - 000000000 ____D C:\Users\Slávek\AppData\Local\CrashDumps
2022-07-26 14:20 - 2021-08-02 09:49 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-07-26 14:20 - 2021-07-30 15:48 - 000000000 ____D C:\Users\Slávek\AppData\Local\ClassicShell
2022-07-26 14:20 - 2021-07-02 15:53 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-07-26 14:20 - 2021-01-06 23:09 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-07-26 14:20 - 2021-01-06 23:09 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-07-26 14:20 - 2021-01-06 22:56 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-26 14:20 - 2021-01-06 22:56 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-26 14:20 - 2021-01-06 21:52 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-135731915-3674959227-2928559306-1001
2022-07-26 11:57 - 2021-01-06 21:28 - 000002380 _____ C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-26 11:50 - 2021-01-06 21:29 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-26 11:50 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-07-26 11:50 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-07-26 11:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-07-26 00:31 - 2021-08-02 09:48 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-07-25 19:13 - 2021-01-06 21:41 - 000000000 ____D C:\Intel
2022-07-25 18:42 - 2021-08-02 09:41 - 000000000 ____D C:\ProgramData\Avast Software
2022-07-25 18:38 - 2021-01-06 21:46 - 000000000 __SHD C:\Users\Slávek\IntelGraphicsProfiles
2022-07-25 18:38 - 2021-01-06 21:41 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-25 18:37 - 2021-01-06 21:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-25 18:37 - 2021-01-06 21:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-25 18:37 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2022-07-25 17:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-25 17:44 - 2021-01-06 21:16 - 000446160 _____ C:\Windows\system32\FNTCACHE.DAT
2022-07-24 22:32 - 2021-01-06 22:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-24 22:32 - 2021-01-06 22:57 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-24 17:49 - 2021-01-06 23:13 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\vlc
2022-07-24 15:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-07-24 15:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2022-07-22 04:05 - 2021-01-06 23:10 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-22 04:05 - 2021-01-06 23:10 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-20 22:11 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-07-14 06:51 - 2021-01-06 21:19 - 003010560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-07-14 05:28 - 2021-01-06 21:41 - 000000000 ____D C:\Windows\system32\MRT
2022-07-14 05:21 - 2021-01-06 21:40 - 146546848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-07-13 21:09 - 2022-06-23 17:01 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-07-13 21:09 - 2022-06-23 17:01 - 000002352 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2022-07-13 21:09 - 2022-06-23 16:59 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-07-12 20:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-07-12 20:29 - 2021-08-02 09:48 - 000860416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000668208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000553928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000385560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000324864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000274536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000258072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000113984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000104976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000089056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000047976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-07-06 00:23 - 2021-05-17 11:05 - 000092920 _____ C:\Users\Slávek\AppData\Local\GDIPFONTCACHEV1.DAT
2022-07-01 10:08 - 2022-05-22 11:55 - 000000000 ____D C:\Users\Slávek\Documents\GOMPlayer
2022-07-01 00:57 - 2022-06-21 11:26 - 000000000 ____D C:\Users\Slávek\Downloads\Nové seriály
2022-06-27 18:21 - 2021-01-06 21:29 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories ========
2022-07-26 16:42 - 2022-07-26 16:42 - 000370070 _____ () C:\Users\Slávek\AppData\Roaming\logo_empire_desktop.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Slávek (26-07-2022 22:14:20)
Running from C:\Users\Slávek\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-01-06 19:25:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-135731915-3674959227-2928559306-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-135731915-3674959227-2928559306-503 - Limited - Disabled)
Guest (S-1-5-21-135731915-3674959227-2928559306-501 - Limited - Disabled)
Slávek (S-1-5-21-135731915-3674959227-2928559306-1001 - Administrator - Enabled) => C:\Users\Slávek
WDAGUtilityAccount (S-1-5-21-135731915-3674959227-2928559306-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.02 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 103.0.17593.116 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1208.2 - Piriform Software) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.259.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.77.5342 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation)
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Outlook (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.32.3 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.6.385.0_x64__ynb6jyjzte8ga [2022-03-17] (Adobe Inc.)
Cradle of Empires -> C:\Program Files\WindowsApps\AWEMGAMESLTD.CradleofEmpires_7.50.670.0_x86__bk6jmky90x9y4 [2022-07-02] (AWEM GAMES LTD)
Crime Mysteries™: Find hidden objects & match 3 puzzle -> C:\Program Files\WindowsApps\828B5831.CrimeMysteriesMatch-3Cases_1.24.2600.0_x86__ytsefhwckbdv6 [2022-07-14] (G5 Entertainment AB)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.14.67.0_x64__rz1tebttyb220 [2022-07-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Emperor of Mahjong: Match tiles & restore a city -> C:\Program Files\WindowsApps\828B5831.JewelsofMahjongMatchtilesrestorethecity_1.27.2700.0_x64__ytsefhwckbdv6 [2022-07-02] (G5 Entertainment AB)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.1_neutral__2vp2pd36ganw2 [2022-05-28] (excel.office.com)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6 [2022-07-23] (G5 Entertainment AB)
Jewels of Rome: Match gems to restore the city -> C:\Program Files\WindowsApps\828B5831.JewelsofRomeMatchgemstorestorethecity_1.37.3700.0_x64__ytsefhwckbdv6 [2022-07-02] (G5 Entertainment AB)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.6090.0_x64__8wekyb3d8bbwe [2022-06-24] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-10] (Microsoft Studios) [MS Ad]
Pinterest -> C:\Program Files\WindowsApps\1424566A.147190DF3DE79_1.0.20.0_neutral__5byw4zywtsh80 [2021-05-02] (Pinterest Inc.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.103.0_x64__pwbj9vvecjh7j [2022-07-20] (Amazon Development Centre (London) Ltd)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.536.453.0_x86__55nm5eh3cm0pr [2022-07-24] (ROBLOX Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0 [2022-07-22] (Spotify AB) [Startup Task]
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.5_neutral__jc2kecmnkxwqc [2022-05-28] (word.office.com)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
==================== Loaded Modules (Whitelisted) =============
2021-01-06 23:08 - 2009-12-12 16:12 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-08-02 07:42:17&iid=085e8f3e-9df1-4ed5-a199-071c0c49f451&bName=
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 81.25.28.250 - 81.25.16.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "RtsFT"
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_EB48762BEBE5EC73BAF6051F4BC9B411"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{B4B351BC-49AB-49DC-B556-742B954B855F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{72B70D9F-3542-4BF5-B4D4-C414F0B6236C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6729B41D-9403-4538-B1DC-C92897A3D606}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CD1043AA-7AD7-4DE6-85BC-4DCC8C66409F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{25CA59C9-D0E7-4356-85C6-EEC5D052BDC8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1DC6080A-F487-4F1A-AA73-E7D36005DCA0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BBCA9EB6-D8A9-4515-8534-27E5E09EE9E4}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{81091E96-C64C-4FFC-BE34-969D82FF43C9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{293B5A51-1A94-40E0-B858-85CD15B2B237}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA912668-5969-4A61-8445-1002C21E43CC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FD1D709B-5E92-4EEC-8DE3-0ECB642195EF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87212063-16F4-4C9A-A00F-17FAD1132603}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14F41831-6758-4444-BC7C-2473EE75333E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5759E490-0BF3-4B36-A92D-866639B907CD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3F58B1BC-B6EC-4B8D-A32C-5D4DD7D42572}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{751728B6-00A7-448B-B86A-890A4467829F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14CCF434-8B9E-4999-85D7-B0024EC9FE1A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85B5C02E-B846-49A7-B59D-482A8BF809FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FC3BB0AB-EF69-4255-9F05-1995063ACCE8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7227B828-A72D-4CBB-BD8F-E2FB1ECDC2A9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F9476F48-D57C-4744-912D-F93B5CF6195D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2F61CEF2-B9E9-42D8-89A0-C74BCCB50495}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DFD31397-1E0D-46BC-9FEC-B78681425E44}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{38509A54-407D-436D-823B-39DEDFA3DE9A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A640188E-EFF8-4937-AA02-608D950861FE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{366E313D-EACE-4F65-B9E1-A89715DAF1C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BBF8C7B8-065A-4401-ACCA-828FE340163B}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{4F288520-1BF1-4485-81D4-E366800488DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3329763D-CFAC-4275-B3A6-A93986A00BE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{639BA18B-4458-4B3B-A39A-3AA1AEFD69C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95BBAB29-0F25-4460-B2A2-86A30186E4F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B8F6AED-23C0-4912-B090-E5B4BA9461C4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{125FE7C9-598E-4C6D-881F-64DAA7893888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE74597D-4C27-4D5A-8EA8-CD7754A8B246}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{71C6435F-7B2A-46A5-B348-A41153045555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A853513B-7DE7-4AAA-B691-27FF310B6610}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC6B059E-7AE2-4B23-9EF9-66FC641C4FFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9A3E44A3-A5AA-4C37-8BE1-6471E550AE63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C2FEF9B-CB73-4733-B590-E13B7A609C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C84B8D8E-5C48-4F59-91DC-138B4141F94A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{185B1408-9A6B-4AC5-B5F8-A5A3CCE2FC42}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B35BDCB-1F96-4D6E-9FCE-DF2D309DE198}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4110ABA3-7A4D-490D-9AB3-8E122FC5922C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{464A8D48-3C62-43B4-8A01-2933E52D3059}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DB2E723D-E2A2-44F4-9A62-C0901324653A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FEAB22A1-2FE8-448F-B4D2-B74BDCB1DE7E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{22D655E9-6515-4FD7-9FA6-231B2960D9C9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BE67BC51-5B57-437B-B231-BA8C252DD6C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
15-07-2022 21:49:03 Naplánovaný kontrolní bod
25-07-2022 09:26:26 Naplánovaný kontrolní bod
25-07-2022 17:29:41 Installed Intel(R) Wireless Bluetooth(R)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/26/2022 05:39:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1806 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2790
Čas spuštění: 01d8a047e6d73eff
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 93e0a984-faee-4c0c-b668-7aaf1ee036d8
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (07/26/2022 02:21:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HiddenCityUWP.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: ef8
Čas spuštění: 01d8a0ea006d866f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6\HiddenCityUWP.exe
ID hlášení: a2e11568-ac58-4f28-95c8-91179bb979da
Úplný název balíčku s chybou: 828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Cross-thread
Error: (07/26/2022 02:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.822.6271.0, časové razítko: 0x62b9e0ef
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1826, časové razítko: 0x299341e8
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010fb62
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0x01d8a0e9b7b7176b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 5da822e7-d4ba-409b-9b52-34123f375f42
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/25/2022 06:04:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WWAHost.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2030
Čas spuštění: 01d8a03fc605055f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\System32\WWAHost.exe
ID hlášení: 90fbf380-bec0-4ce7-bf70-28a45ec0daee
Úplný název balíčku s chybou: Microsoft.Windows.CloudExperienceHost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/24/2022 09:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1806 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 334c
Čas spuštění: 01d89dcd861adcef
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 39d1052e-0fd8-4017-9479-8eddd9bd2a21
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (07/23/2022 01:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.822.6271.0, časové razítko: 0x62b9e0ef
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1826, časové razítko: 0x299341e8
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010fb62
ID chybujícího procesu: 0x1a68
Čas spuštění chybující aplikace: 0x01d89e84a365661b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: bb122b6b-f5a1-44a6-93d6-5ebb23c4cc51
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/23/2022 01:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Solitaire.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3214
Čas spuštění: 01d89da36e46314a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe\Solitaire.exe
ID hlášení: 40db5ad1-370e-45d2-a9d5-50b773fa1fc9
Úplný název balíčku s chybou: Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/22/2022 09:07:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Seagate Backup Plus Drive (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (07/26/2022 09:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant SmartAudio service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant UIU Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/25/2022 06:52:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-08-01 19:00:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BF802CFF-3DC1-47DD-9832-C66CD50444EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-30 19:41:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5F859083-50C7-43E7-A80B-A87B59D04B93}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-29 19:40:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F664EA66-4628-4B62-9C3C-12648E109614}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-28 23:17:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A862A88-5B48-4DBF-9724-A8C30F363D48}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-27 19:40:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3356D95A-7BB1-4E30-A6F2-6108C48DF795}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-07-26 18:59:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-07-26 12:38:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO B0CN72WW 01/27/2015
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 77%
Total physical RAM: 4016.45 MB
Available physical RAM: 920.7 MB
Total Virtual: 10160.45 MB
Available Virtual: 5250.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.03 GB) (Free:347.08 GB) (Model: HGST HTS541075A9E680) NTFS
Drive d: (Seagate Backup Plus Drive) (Fixed) (Total:9313.87 GB) (Free:2107.75 GB) (Model: Seagate Backup+ Hub BK SCSI Disk Device) NTFS
Drive f: (Elements) (Fixed) (Total:2794.49 GB) (Free:1340.54 GB) (Model: WD Elements 25A2 USB Device) NTFS
\\?\Volume{2ee95c4e-a3f8-49ed-8b2f-6604bdb01ed3}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa9f589d-4880-4d85-b6cb-bbcc39917bc5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00A32510)
Partition: GPT.
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 2 (Size: 9314 GB) (Disk ID: 232B46A9)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-07-2022
Ran by Slávek (administrator) on DESKTOP-CPRA0SF (LENOVO 80L0) (26-07-2022 22:08:52)
Running from C:\Users\Slávek\Desktop
Loaded Profiles: Slávek
Platform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213760 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [37054552 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [CCleanerBrowserAutoLaunch_EB48762BEBE5EC73BAF6051F4BC9B411] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\Run: [MicrosoftEdgeAutoLaunch_F3281F16D0281E948AF7375C79C3D58C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601832 2022-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File)
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\Windows\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\Installer\chrmstp.exe [2022-07-13] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-22] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E6A892E-35C4-4AF8-9EE2-948687B19325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {0F58B38F-3FE9-4CA6-9F5D-9944B783797B} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
Task: {3B1432E1-FCFE-4B07-973F-EFF3982A0548} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
Task: {71D4E029-ACF3-42B8-B249-5B455C031F1E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {88D9057F-E34E-4C4D-9737-ECD6E29ADEED} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4938496 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A56CE2B6-C253-4F07-A94E-9B5DE0C700A6} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
Task: {A727AA52-291E-42E5-9E8B-6D6357FF84E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {C6660898-B91C-4A87-98A1-DD49379DE281} - System32\Tasks\CCleanerSkipUAC - Slávek => C:\Program Files\CCleaner\CCleaner.exe [31101528 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0CEEE21-C3A1-431F-A3EE-58411CA168CC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2813280 2022-07-05] (Piriform Software Ltd -> Piriform Software)
Task: {FE7C3E25-73BD-48B8-A4CD-70DEF8D83598} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-07-18] (Piriform Software Ltd -> Piriform)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.25.28.250 81.25.16.250
Tcpip\..\Interfaces\{52d6a99c-e91b-45b8-b01d-2805788e3765}: [DhcpNameServer] 81.25.28.250 81.25.16.250
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-26]
Edge Extension: (Outlook) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-06]
Edge Extension: (Word) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-06]
Edge Extension: (Excel) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-06]
Edge Extension: (PowerPoint) - C:\Users\Slávek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-06]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [2022-06-23] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [2022-06-23] (Piriform Software Ltd -> Piriform Software)
Chrome:
=======
CHR Profile: C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default [2022-07-08]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-06]
CHR Extension: (Dokumenty) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-06]
CHR Extension: (Disk Google) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-06]
CHR Extension: (YouTube) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-06]
CHR Extension: (Tabulky) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-06]
CHR Profile: C:\Users\Slávek\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8486968 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [590080 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589056 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-02] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\elevation_service.exe [1991960 2022-07-05] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [196976 2022-06-23] (Piriform Software Ltd -> Piriform Software)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16241056 2022-07-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 UIUService; C:\Windows\SysWOW64\UIUSrv.exe [105984 2021-01-06] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [41832 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235584 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [385560 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [258072 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [104976 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25048 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [47976 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274536 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [553928 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [113984 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [89056 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [860416 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [668208 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221528 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324864 2022-07-12] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-26 21:01 - 2022-07-26 21:04 - 000000000 ____D C:\AdwCleaner
2022-07-26 20:36 - 2022-07-26 20:47 - 1256375627 _____ C:\Users\Slávek\Downloads\ZOO 47.DÍL Konec jedné éry(SERIÁL CZ)2022.MP4.mp4
2022-07-26 18:54 - 2022-07-26 18:54 - 008551608 _____ (Malwarebytes) C:\Users\Slávek\Desktop\adwcleaner.exe
2022-07-26 18:04 - 2022-07-26 18:15 - 000038611 _____ C:\Users\Slávek\Desktop\Addition.txt
2022-07-26 17:50 - 2022-07-26 22:11 - 000018368 _____ C:\Users\Slávek\Desktop\FRST.txt
2022-07-26 17:49 - 2022-07-26 22:10 - 000000000 ____D C:\FRST
2022-07-26 17:48 - 2022-07-26 17:48 - 002369536 _____ (Farbar) C:\Users\Slávek\Desktop\FRST64(1).exe
2022-07-25 18:22 - 2022-07-25 18:22 - 000000000 ____D C:\Windows\LastGood
2022-07-25 17:32 - 2022-07-25 17:32 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-07-25 17:31 - 2022-07-25 17:31 - 000000000 ____D C:\Program Files (x86)\Intel
2022-07-25 17:07 - 2022-07-25 17:16 - 000000000 ____D C:\Users\Slávek\AppData\Local\TeamViewer
2022-07-25 17:06 - 2022-07-26 18:51 - 000000000 ____D C:\Program Files\TeamViewer
2022-07-25 17:06 - 2022-07-25 17:06 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-07-25 17:06 - 2022-07-25 17:06 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-07-25 17:06 - 2022-07-25 17:06 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\TeamViewer
2022-07-16 17:22 - 2022-07-16 17:22 - 002794373 _____ C:\Users\Slávek\Documents\Občan Havel.pdf
2022-07-14 06:58 - 2022-07-14 06:58 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-07-14 06:58 - 2022-07-14 06:58 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mode.com
2022-07-14 06:58 - 2022-07-14 06:58 - 000018944 _____ C:\Windows\SysWOW64\WsdProviderUtil.dll
2022-07-14 06:58 - 2022-07-14 06:58 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tree.com
2022-07-14 06:58 - 2022-07-14 06:58 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chcp.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000693248 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-07-14 06:57 - 2022-07-14 06:57 - 000270848 _____ C:\Windows\system32\EsclScan.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000152064 _____ C:\Windows\system32\EsclProtocol.dll
2022-07-14 06:57 - 2022-07-14 06:57 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mode.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\tree.com
2022-07-14 06:57 - 2022-07-14 06:57 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\chcp.com
2022-07-14 06:56 - 2022-07-14 06:56 - 000011811 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-07-14 06:55 - 2022-07-14 06:55 - 000061952 _____ C:\Windows\system32\printticketvalidation.dll
2022-07-14 06:55 - 2022-07-14 06:55 - 000057344 _____ C:\Windows\system32\APMonUI.dll
2022-07-14 06:53 - 2022-07-14 06:53 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-07-14 06:53 - 2022-07-14 06:53 - 000024576 _____ C:\Windows\system32\WsdProviderUtil.dll
2022-07-14 06:52 - 2022-07-14 06:52 - 000640512 _____ C:\Windows\system32\SettingSyncDownloadHelper.dll
2022-07-14 06:52 - 2022-07-14 06:52 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-07-14 05:33 - 2022-07-14 05:33 - 000000000 ___HD C:\$WinREAgent
2022-07-12 20:30 - 2022-07-12 20:29 - 000270592 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-07-12 20:30 - 2022-07-12 20:29 - 000221528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-07-04 10:27 - 2022-07-04 11:34 - 000000000 ____D C:\Users\Slávek\Documents\povidky
2022-07-02 09:43 - 2022-07-02 09:43 - 000075180 _____ C:\Users\Slávek\Downloads\vf135422022.isdocx
2022-06-27 18:00 - 2022-06-27 18:00 - 000025048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-26 22:02 - 2021-01-06 23:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-26 21:53 - 2021-01-06 21:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-07-26 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-07-26 21:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-26 21:04 - 2021-08-02 09:42 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:42 - 000000000 ____D C:\Users\Slávek\AppData\Local\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:41 - 000000000 ____D C:\ProgramData\Lavasoft
2022-07-26 21:04 - 2021-08-02 09:41 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2022-07-26 20:34 - 2022-02-12 23:41 - 000000000 ____D C:\Users\Slávek\Downloads\Prozatím
2022-07-26 16:43 - 2022-05-21 23:13 - 000000000 ____D C:\Users\Slávek\Downloads\ULOŽÍT do nových seriálů
2022-07-26 16:41 - 2021-08-02 09:39 - 000003672 _____ C:\nsispromotion_log.txt
2022-07-26 16:04 - 2021-07-02 15:49 - 000004212 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{79C6F87A-BF76-4C3E-A581-0777AD1171AA}
2022-07-26 16:01 - 2021-07-02 15:53 - 000000000 ____D C:\Program Files\CCleaner
2022-07-26 14:20 - 2022-06-23 17:01 - 000003104 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-07-26 14:20 - 2022-06-23 17:01 - 000002622 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2022-07-26 14:20 - 2022-06-23 17:00 - 000003456 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-07-26 14:20 - 2022-06-23 17:00 - 000003232 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-07-26 14:20 - 2021-12-11 12:34 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-135731915-3674959227-2928559306-1001
2022-07-26 14:20 - 2021-08-19 10:12 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Slávek
2022-07-26 14:20 - 2021-08-02 22:46 - 000000000 ____D C:\Users\Slávek\AppData\Local\CrashDumps
2022-07-26 14:20 - 2021-08-02 09:49 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-07-26 14:20 - 2021-07-30 15:48 - 000000000 ____D C:\Users\Slávek\AppData\Local\ClassicShell
2022-07-26 14:20 - 2021-07-02 15:53 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-07-26 14:20 - 2021-01-06 23:09 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-07-26 14:20 - 2021-01-06 23:09 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-07-26 14:20 - 2021-01-06 22:56 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-26 14:20 - 2021-01-06 22:56 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-26 14:20 - 2021-01-06 21:52 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-135731915-3674959227-2928559306-1001
2022-07-26 11:57 - 2021-01-06 21:28 - 000002380 _____ C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-26 11:50 - 2021-01-06 21:29 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-26 11:50 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-07-26 11:50 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-07-26 11:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-07-26 00:31 - 2021-08-02 09:48 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-07-25 19:13 - 2021-01-06 21:41 - 000000000 ____D C:\Intel
2022-07-25 18:42 - 2021-08-02 09:41 - 000000000 ____D C:\ProgramData\Avast Software
2022-07-25 18:38 - 2021-01-06 21:46 - 000000000 __SHD C:\Users\Slávek\IntelGraphicsProfiles
2022-07-25 18:38 - 2021-01-06 21:41 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-25 18:37 - 2021-01-06 21:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-25 18:37 - 2021-01-06 21:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-25 18:37 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2022-07-25 17:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-25 17:44 - 2021-01-06 21:16 - 000446160 _____ C:\Windows\system32\FNTCACHE.DAT
2022-07-24 22:32 - 2021-01-06 22:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-24 22:32 - 2021-01-06 22:57 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-24 17:49 - 2021-01-06 23:13 - 000000000 ____D C:\Users\Slávek\AppData\Roaming\vlc
2022-07-24 15:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-07-24 15:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2022-07-22 04:05 - 2021-01-06 23:10 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-22 04:05 - 2021-01-06 23:10 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-20 22:11 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-07-15 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2022-07-15 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-07-14 06:51 - 2021-01-06 21:19 - 003010560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-07-14 05:28 - 2021-01-06 21:41 - 000000000 ____D C:\Windows\system32\MRT
2022-07-14 05:21 - 2021-01-06 21:40 - 146546848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-07-13 21:09 - 2022-06-23 17:01 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-07-13 21:09 - 2022-06-23 17:01 - 000002352 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2022-07-13 21:09 - 2022-06-23 16:59 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-07-12 20:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-07-12 20:29 - 2021-08-02 09:48 - 000860416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000668208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000553928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000385560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000324864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000274536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000258072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000113984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000104976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000089056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000047976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-07-12 20:29 - 2021-08-02 09:48 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-07-06 00:23 - 2021-05-17 11:05 - 000092920 _____ C:\Users\Slávek\AppData\Local\GDIPFONTCACHEV1.DAT
2022-07-01 10:08 - 2022-05-22 11:55 - 000000000 ____D C:\Users\Slávek\Documents\GOMPlayer
2022-07-01 00:57 - 2022-06-21 11:26 - 000000000 ____D C:\Users\Slávek\Downloads\Nové seriály
2022-06-27 18:21 - 2021-01-06 21:29 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories ========
2022-07-26 16:42 - 2022-07-26 16:42 - 000370070 _____ () C:\Users\Slávek\AppData\Roaming\logo_empire_desktop.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Slávek (26-07-2022 22:14:20)
Running from C:\Users\Slávek\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-01-06 19:25:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-135731915-3674959227-2928559306-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-135731915-3674959227-2928559306-503 - Limited - Disabled)
Guest (S-1-5-21-135731915-3674959227-2928559306-501 - Limited - Disabled)
Slávek (S-1-5-21-135731915-3674959227-2928559306-1001 - Administrator - Enabled) => C:\Users\Slávek
WDAGUtilityAccount (S-1-5-21-135731915-3674959227-2928559306-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.02 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 103.0.17593.116 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1208.2 - Piriform Software) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.259.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.77.5342 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation)
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Outlook (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.32.3 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.6.385.0_x64__ynb6jyjzte8ga [2022-03-17] (Adobe Inc.)
Cradle of Empires -> C:\Program Files\WindowsApps\AWEMGAMESLTD.CradleofEmpires_7.50.670.0_x86__bk6jmky90x9y4 [2022-07-02] (AWEM GAMES LTD)
Crime Mysteries™: Find hidden objects & match 3 puzzle -> C:\Program Files\WindowsApps\828B5831.CrimeMysteriesMatch-3Cases_1.24.2600.0_x86__ytsefhwckbdv6 [2022-07-14] (G5 Entertainment AB)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.14.67.0_x64__rz1tebttyb220 [2022-07-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Emperor of Mahjong: Match tiles & restore a city -> C:\Program Files\WindowsApps\828B5831.JewelsofMahjongMatchtilesrestorethecity_1.27.2700.0_x64__ytsefhwckbdv6 [2022-07-02] (G5 Entertainment AB)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.1_neutral__2vp2pd36ganw2 [2022-05-28] (excel.office.com)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6 [2022-07-23] (G5 Entertainment AB)
Jewels of Rome: Match gems to restore the city -> C:\Program Files\WindowsApps\828B5831.JewelsofRomeMatchgemstorestorethecity_1.37.3700.0_x64__ytsefhwckbdv6 [2022-07-02] (G5 Entertainment AB)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.6090.0_x64__8wekyb3d8bbwe [2022-06-24] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-10] (Microsoft Studios) [MS Ad]
Pinterest -> C:\Program Files\WindowsApps\1424566A.147190DF3DE79_1.0.20.0_neutral__5byw4zywtsh80 [2021-05-02] (Pinterest Inc.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.103.0_x64__pwbj9vvecjh7j [2022-07-20] (Amazon Development Centre (London) Ltd)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.536.453.0_x86__55nm5eh3cm0pr [2022-07-24] (ROBLOX Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0 [2022-07-22] (Spotify AB) [Startup Task]
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.5_neutral__jc2kecmnkxwqc [2022-05-28] (word.office.com)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Slávek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
==================== Loaded Modules (Whitelisted) =============
2021-01-06 23:08 - 2009-12-12 16:12 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-08-02 07:42:17&iid=085e8f3e-9df1-4ed5-a199-071c0c49f451&bName=
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 81.25.28.250 - 81.25.16.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "RtsFT"
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_EB48762BEBE5EC73BAF6051F4BC9B411"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{B4B351BC-49AB-49DC-B556-742B954B855F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{72B70D9F-3542-4BF5-B4D4-C414F0B6236C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6729B41D-9403-4538-B1DC-C92897A3D606}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CD1043AA-7AD7-4DE6-85BC-4DCC8C66409F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{25CA59C9-D0E7-4356-85C6-EEC5D052BDC8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1DC6080A-F487-4F1A-AA73-E7D36005DCA0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BBCA9EB6-D8A9-4515-8534-27E5E09EE9E4}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{81091E96-C64C-4FFC-BE34-969D82FF43C9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{293B5A51-1A94-40E0-B858-85CD15B2B237}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA912668-5969-4A61-8445-1002C21E43CC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FD1D709B-5E92-4EEC-8DE3-0ECB642195EF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87212063-16F4-4C9A-A00F-17FAD1132603}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14F41831-6758-4444-BC7C-2473EE75333E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5759E490-0BF3-4B36-A92D-866639B907CD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3F58B1BC-B6EC-4B8D-A32C-5D4DD7D42572}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{751728B6-00A7-448B-B86A-890A4467829F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14CCF434-8B9E-4999-85D7-B0024EC9FE1A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85B5C02E-B846-49A7-B59D-482A8BF809FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FC3BB0AB-EF69-4255-9F05-1995063ACCE8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7227B828-A72D-4CBB-BD8F-E2FB1ECDC2A9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F9476F48-D57C-4744-912D-F93B5CF6195D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2F61CEF2-B9E9-42D8-89A0-C74BCCB50495}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DFD31397-1E0D-46BC-9FEC-B78681425E44}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{38509A54-407D-436D-823B-39DEDFA3DE9A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A640188E-EFF8-4937-AA02-608D950861FE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{366E313D-EACE-4F65-B9E1-A89715DAF1C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BBF8C7B8-065A-4401-ACCA-828FE340163B}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{4F288520-1BF1-4485-81D4-E366800488DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3329763D-CFAC-4275-B3A6-A93986A00BE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{639BA18B-4458-4B3B-A39A-3AA1AEFD69C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95BBAB29-0F25-4460-B2A2-86A30186E4F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B8F6AED-23C0-4912-B090-E5B4BA9461C4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{125FE7C9-598E-4C6D-881F-64DAA7893888}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE74597D-4C27-4D5A-8EA8-CD7754A8B246}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{71C6435F-7B2A-46A5-B348-A41153045555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A853513B-7DE7-4AAA-B691-27FF310B6610}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC6B059E-7AE2-4B23-9EF9-66FC641C4FFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9A3E44A3-A5AA-4C37-8BE1-6471E550AE63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C2FEF9B-CB73-4733-B590-E13B7A609C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C84B8D8E-5C48-4F59-91DC-138B4141F94A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{185B1408-9A6B-4AC5-B5F8-A5A3CCE2FC42}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B35BDCB-1F96-4D6E-9FCE-DF2D309DE198}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4110ABA3-7A4D-490D-9AB3-8E122FC5922C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{464A8D48-3C62-43B4-8A01-2933E52D3059}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DB2E723D-E2A2-44F4-9A62-C0901324653A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FEAB22A1-2FE8-448F-B4D2-B74BDCB1DE7E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{22D655E9-6515-4FD7-9FA6-231B2960D9C9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BE67BC51-5B57-437B-B231-BA8C252DD6C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
15-07-2022 21:49:03 Naplánovaný kontrolní bod
25-07-2022 09:26:26 Naplánovaný kontrolní bod
25-07-2022 17:29:41 Installed Intel(R) Wireless Bluetooth(R)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/26/2022 05:39:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1806 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2790
Čas spuštění: 01d8a047e6d73eff
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 93e0a984-faee-4c0c-b668-7aaf1ee036d8
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (07/26/2022 02:21:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HiddenCityUWP.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: ef8
Čas spuštění: 01d8a0ea006d866f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6\HiddenCityUWP.exe
ID hlášení: a2e11568-ac58-4f28-95c8-91179bb979da
Úplný název balíčku s chybou: 828B5831.HiddenCityMysteryofShadows_1.49.4900.0_x86__ytsefhwckbdv6
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Cross-thread
Error: (07/26/2022 02:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.822.6271.0, časové razítko: 0x62b9e0ef
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1826, časové razítko: 0x299341e8
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010fb62
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0x01d8a0e9b7b7176b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 5da822e7-d4ba-409b-9b52-34123f375f42
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/25/2022 06:04:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WWAHost.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2030
Čas spuštění: 01d8a03fc605055f
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\System32\WWAHost.exe
ID hlášení: 90fbf380-bec0-4ce7-bf70-28a45ec0daee
Úplný název balíčku s chybou: Microsoft.Windows.CloudExperienceHost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/24/2022 09:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1806 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 334c
Čas spuštění: 01d89dcd861adcef
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 39d1052e-0fd8-4017-9479-8eddd9bd2a21
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (07/23/2022 01:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.822.6271.0, časové razítko: 0x62b9e0ef
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1826, časové razítko: 0x299341e8
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010fb62
ID chybujícího procesu: 0x1a68
Čas spuštění chybující aplikace: 0x01d89e84a365661b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: bb122b6b-f5a1-44a6-93d6-5ebb23c4cc51
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/23/2022 01:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Solitaire.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3214
Čas spuštění: 01d89da36e46314a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe\Solitaire.exe
ID hlášení: 40db5ad1-370e-45d2-a9d5-50b773fa1fc9
Úplný název balíčku s chybou: Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/22/2022 09:07:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Seagate Backup Plus Drive (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (07/26/2022 09:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant SmartAudio service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant UIU Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/26/2022 09:04:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (07/25/2022 06:52:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-08-01 19:00:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BF802CFF-3DC1-47DD-9832-C66CD50444EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-30 19:41:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5F859083-50C7-43E7-A80B-A87B59D04B93}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-29 19:40:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F664EA66-4628-4B62-9C3C-12648E109614}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-28 23:17:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A862A88-5B48-4DBF-9724-A8C30F363D48}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-07-27 19:40:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3356D95A-7BB1-4E30-A6F2-6108C48DF795}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-07-26 18:59:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-07-26 12:38:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO B0CN72WW 01/27/2015
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 77%
Total physical RAM: 4016.45 MB
Available physical RAM: 920.7 MB
Total Virtual: 10160.45 MB
Available Virtual: 5250.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.03 GB) (Free:347.08 GB) (Model: HGST HTS541075A9E680) NTFS
Drive d: (Seagate Backup Plus Drive) (Fixed) (Total:9313.87 GB) (Free:2107.75 GB) (Model: Seagate Backup+ Hub BK SCSI Disk Device) NTFS
Drive f: (Elements) (Fixed) (Total:2794.49 GB) (Free:1340.54 GB) (Model: WD Elements 25A2 USB Device) NTFS
\\?\Volume{2ee95c4e-a3f8-49ed-8b2f-6604bdb01ed3}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa9f589d-4880-4d85-b6cb-bbcc39917bc5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00A32510)
Partition: GPT.
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 2 (Size: 9314 GB) (Disk ID: 232B46A9)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Výpadky internetu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0E6A892E-35C4-4AF8-9EE2-948687B19325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {A727AA52-291E-42E5-9E8B-6D6357FF84E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
C:\Windows\LastGood.Tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Výpadky internetu
Zasílám log.
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Slávek (27-07-2022 16:17:30) Run:1
Running from C:\Users\Slávek\Desktop
Loaded Profiles: Slávek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0E6A892E-35C4-4AF8-9EE2-948687B19325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {A727AA52-291E-42E5-9E8B-6D6357FF84E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
C:\Windows\LastGood.Tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
"HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 22.131.0619.0001" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E6A892E-35C4-4AF8-9EE2-948687B19325}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E6A892E-35C4-4AF8-9EE2-948687B19325}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A727AA52-291E-42E5-9E8B-6D6357FF84E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A727AA52-291E-42E5-9E8B-6D6357FF84E9}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Windows\LastGood.Tmp => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 261313834 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 2741749 B
Edge => 12288 B
Chrome => 299008 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15546 B
NetworkService => 15546 B
Slávek => 225600160 B
RecycleBin => 1486716227 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:19:45 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Slávek (27-07-2022 16:17:30) Run:1
Running from C:\Users\Slávek\Desktop
Loaded Profiles: Slávek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-135731915-3674959227-2928559306-1001\...\RunOnce: [Uninstall 22.131.0619.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Slávek\AppData\Local\Microsoft\OneDrive\22.131.0619.0001" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0E6A892E-35C4-4AF8-9EE2-948687B19325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
Task: {A727AA52-291E-42E5-9E8B-6D6357FF84E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-01-06] (Google Inc -> Google Inc.)
C:\Windows\LastGood.Tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
"HKU\S-1-5-21-135731915-3674959227-2928559306-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 22.131.0619.0001" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E6A892E-35C4-4AF8-9EE2-948687B19325}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E6A892E-35C4-4AF8-9EE2-948687B19325}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A727AA52-291E-42E5-9E8B-6D6357FF84E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A727AA52-291E-42E5-9E8B-6D6357FF84E9}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Windows\LastGood.Tmp => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 261313834 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 2741749 B
Edge => 12288 B
Chrome => 299008 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15546 B
NetworkService => 15546 B
Slávek => 225600160 B
RecycleBin => 1486716227 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:19:45 ====
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Výpadky internetu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?