Chrome windows opening on their own - please check

pritt
Visitor
Posts: 16
Registered: 22 Jan 2020 17:52

Chrome windows opening on their own - please check

#1 Post by pritt »

Hello,
it happens that when I click a link (on any page), a window with erotic or other content opens. I cleared the browser data etc. The antivirus does not report anything wrong.

Please check the logs:
Thank you.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Prodejna (02-09-2022 08:41:31)
Running from C:\Users\Prodejna\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2020-08-26 16:05:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3885610105-3758572810-27774397-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3885610105-3758572810-27774397-503 - Limited - Disabled)
Guest (S-1-5-21-3885610105-3758572810-27774397-501 - Limited - Disabled)
Prodejna (S-1-5-21-3885610105-3758572810-27774397-1001 - Administrator - Enabled) => C:\Users\Prodejna
WDAGUtilityAccount (S-1-5-21-3885610105-3758572810-27774397-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {840E1EB8-082E-3D95-EAAA-FD11CF357A26}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {BC359F9D-4241-3CCD-C1F5-542431E63D5D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.002.20191 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.231 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.16.72 - Bitdefender)
Canon LBP6310 (HKLM\...\Canon LBP6310) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.03 - Piriform)
eM Client (HKLM-x32\...\{DCA2551A-C6C8-413E-85B5-5FECAAE001AF}) (Version: 8.2.1659.0 - eM Client Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.54 - Google LLC)
Honeywell HSM USB Serial Drv x64 ver 3.5.9 (HKLM\...\{1224D576-15FA-464A-B1E8-5CB53942847A}) (Version: 3.5.9 - Honeywell)
HP LaserJet Professional M1530 MFP Series (HKLM-x32\...\{74280B5D-A0AF-46c5-9C85-D9EA078262F1}) (Version: 15.0.15188.928 - Hewlett-Packard)
HP LJ M1530 MFP Series HP Scan (HKLM-x32\...\{C05002F1-06F8-4A15-B6F8-E4DC655C28AA}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27024 (HKLM-x32\...\{7258184A-EC44-4B1A-A7D3-68D85A35BFD0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27024 (HKLM-x32\...\{5EEFCEFB-E5F7-4C82-99A5-813F04AA4FBD}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
QNAP Qsync Client (HKLM-x32\...\Qsync) (Version: 5.0.5.0620 - QNAP Systems, Inc.)
Sticky Password 8.3.1.10 (HKLM-x32\...\Sticky Password_is1) (Version: 8.3 - Lamantine Software)
STORMWARE POHODA E1 Klient CZ Premium (HKLM-x32\...\{775B81F0-CD06-42D2-9BD1-1C27AA9355D0}) (Version: 12100.85 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{EE8FCA5D-FD65-4138-AF76-FD44473DD374}) (Version: 12204.28 - STORMWARE)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36224 - TeamViewer)
TSP100 Setup Version 7.4.0 (HKLM\...\{F273C16D-1109-417F-84B3-5115A9F5B6D5}) (Version: 7.4.0 - Star Micronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{4821E6B5-9C96-48E7-B0AC-AB3E8EEB6958}) (Version: 9.6.5.16 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\{6af7d50d-3e8e-465c-8e56-bbe86869755b}) (Version: 9.6.5.16 - Viber Media Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WPS Office (11.2.0.11254) (HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\Kingsoft Office) (Version: 11.2.0.11254 - Kingsoft Corp.)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2340.1.0_x64__kgqvnymyfvs32 [2022-08-22] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.225.300.0_x64__kgqvnymyfvs32 [2022-08-26] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.14.67.0_x64__rz1tebttyb220 [2022-07-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.49.4904.0_x86__ytsefhwckbdv6 [2022-08-23] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.2.412.0_x64__v10z8vjag6ke6 [2022-08-25] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-29] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3885610105-3758572810-27774397-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Prodejna\AppData\Local\Kingsoft\WPS Office\11.2.0.11254\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-3885610105-3758572810-27774397-1001_Classes\CLSID\{57D0E8CF-2552-4B76-A5C4-B1E9D413FD14} -> [Qsync] => C:\Users\Prodejna\AppData\Local\QNAP\Qsync\Quick Access [2018-09-18 15:14]
CustomCLSID: HKU\S-1-5-21-3885610105-3758572810-27774397-1001_Classes\CLSID\{6166E16F-FE11-4C78-94E3-DD042B15E50B} -> [QNAP Qsync Client: ALPNAS (Qsync)] => C:\Users\Prodejna\Qsync [2018-09-18 15:16]
CustomCLSID: HKU\S-1-5-21-3885610105-3758572810-27774397-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ QsyncEx_Icon1] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ QsyncEx_Icon2] -> {A31C3AF7-2870-4121-AF94-1BF770A2C95B} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ QsyncEx_Icon3] -> {7937C765-6EFA-4184-A69C-1101127615E8} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ QsyncEx_Icon4] -> {DDA7CE77-08EA-4047-A53E-C4FB10C307F2} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ContextMenuHandlers1: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ContextMenuHandlers4: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ContextMenuHandlers6: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2021-09-27] (QNAP Systems, Inc. -> )
ContextMenuHandlers1_S-1-5-21-3885610105-3758572810-27774397-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Prodejna\AppData\Local\Kingsoft\WPS Office\11.2.0.11254\office6\kwpsmenushellext64.dll [2022-08-08] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-3885610105-3758572810-27774397-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Prodejna\AppData\Local\Kingsoft\WPS Office\11.2.0.11254\office6\kwpsmenushellext64.dll [2022-08-08] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-09-09 13:24 - 2021-09-09 13:24 - 000011264 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Accounts.resources.dll
2021-09-09 13:24 - 2021-09-09 13:24 - 000003584 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Commands.resources.dll
2021-09-09 13:24 - 2021-09-09 13:24 - 000009216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Common.UI.resources.dll
2021-09-09 13:24 - 2021-09-09 13:24 - 000004608 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Protocols.Gdata.resources.dll
2021-09-09 13:24 - 2021-09-09 13:24 - 000007680 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Protocols.resources.dll
2021-09-09 13:24 - 2021-09-09 13:24 - 000006656 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.Protocols.Smtp.resources.dll
2021-09-09 13:24 - 2021-09-09 13:24 - 000821248 _____ () [File not signed] [File is in use] C:\Program Files (x86)\eM Client\cs\MailClient.resources.dll
2021-06-24 11:56 - 2021-06-24 11:56 - 001206784 _____ () [File not signed] C:\Program Files (x86)\eM Client\e_sqlite3.DLL
2021-07-06 13:33 - 2021-07-06 13:33 - 093837824 _____ () [File not signed] C:\Program Files (x86)\eM Client\libcef\libcef.dll
2022-04-28 05:01 - 2022-04-28 05:01 - 000188928 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qsync\IOTCAPIs.dll
2022-04-28 05:01 - 2022-04-28 05:01 - 000037376 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qsync\json-c.dll
2022-04-28 05:01 - 2022-04-28 05:01 - 000039424 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qsync\P2PTunnelAPIs.dll
2022-04-28 05:02 - 2022-04-28 05:02 - 000166400 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qsync\RdiffDll.dll
2022-04-28 05:01 - 2022-04-28 05:01 - 000031232 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qsync\RDTAPIs.dll
2018-05-31 18:00 - 2018-05-31 18:00 - 000090112 _____ () [File not signed] C:\Program Files (x86)\StarMicronics\TSP100\Software\20171207\StarMicronicsCloudNativeLibrary_futurePRNT.dll
2021-05-14 07:10 - 2020-11-30 17:17 - 001101824 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
2018-05-31 18:01 - 2018-05-31 18:01 - 000111616 _____ () [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\StarMicronicsCloudNativeLibrary_futurePRNT.dll
2021-03-19 03:04 - 2021-03-19 03:04 - 000143872 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.Auth.dll
2020-10-26 18:09 - 2020-10-26 18:09 - 000093696 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.Calendar.v3.dll
2021-03-19 03:04 - 2021-03-19 03:04 - 000076800 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.Core.dll
2021-03-19 03:04 - 2021-03-19 03:04 - 000080896 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.dll
2020-10-22 18:11 - 2020-10-22 18:11 - 000111616 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.Gmail.v1.dll
2021-03-25 18:17 - 2021-03-25 18:17 - 000093184 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.PeopleService.v1.dll
2020-10-22 18:12 - 2020-10-22 18:12 - 000029696 _____ (Google Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\Google.Apis.Tasks.v1.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2021-06-24 18:34 - 2021-06-24 18:34 - 000006144 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\SQLitePCLRaw.batteries_v2.dll
2021-06-24 18:33 - 2021-06-24 18:33 - 000050176 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\SQLitePCLRaw.core.dll
2021-06-24 18:33 - 2021-06-24 18:33 - 000005632 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\SQLitePCLRaw.nativelibrary.dll
2021-06-24 18:34 - 2021-06-24 18:34 - 000061440 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\SQLitePCLRaw.provider.dynamic_cdecl.dll
2017-12-22 17:01 - 2017-12-22 17:01 - 000173056 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\CommandEmulator.dll
2017-12-22 17:03 - 2017-12-22 17:03 - 000157184 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\CompGAF.dll
2017-12-22 17:01 - 2017-12-22 17:01 - 000417280 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\Configuration.dll
2017-12-22 17:03 - 2017-12-22 17:03 - 003606016 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\ESCPOSSE.dll
2017-12-22 17:02 - 2017-12-22 17:02 - 000335360 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\GenericAction.dll
2015-10-27 10:28 - 2015-10-27 10:28 - 000486912 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\StarIOPort.dll
2017-12-22 17:03 - 2017-12-22 17:03 - 006893568 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\StarLineModeSE.dll
2017-12-22 17:02 - 2017-12-22 17:02 - 000144896 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\StarTSPTC.dll
2017-12-22 17:01 - 2017-12-22 17:01 - 000110592 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\TargetAction.dll
2018-05-28 20:33 - 2018-05-28 20:33 - 000595456 _____ (Star Micronics Co., Ltd.) [File not signed] C:\Program Files\StarMicronics\TSP100\Software\20171207\tsp100lm.dll
2018-05-28 20:36 - 2018-05-28 20:36 - 000360960 _____ (Star Micronics Co., Ltd.) [File not signed] C:\WINDOWS\System32\smjt100epm.dll
2022-04-28 05:02 - 2022-04-28 05:02 - 000394752 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Program Files (x86)\QNAP\Qsync\libcurl.dll
2021-07-06 13:33 - 2021-07-06 13:33 - 000729600 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\eM Client\libcef\chrome_elf.dll
2021-07-15 17:23 - 2021-07-15 17:23 - 002953216 _____ (The Legion of the Bouncy Castle Inc.) [File not signed] [File is in use] C:\Program Files (x86)\eM Client\BouncyCastle.Crypto.dll
2022-04-28 05:02 - 2022-04-28 05:02 - 002052096 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\QNAP\Qsync\libcrypto-1_1.dll
2022-04-28 05:02 - 2022-04-28 05:02 - 000497664 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\QNAP\Qsync\libssl-1_1.dll
2021-10-07 13:25 - 2021-10-07 13:25 - 000442368 _____ (Thomas Maierhofer) [File not signed] C:\Program Files (x86)\eM Client\Hunspellx86.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:40C12C39 [130]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2022-08-09] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-07-15] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2022-08-30] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-08-30] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-07-15] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-08-30] (Bitdefender SRL -> Bitdefender)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2022-07-14 16:41 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3885610105-3758572810-27774397-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1 - 31.30.90.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0F040FCB-3BAB-4F47-890C-7E788E016738}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{57E9CC07-3611-4913-89E7-DD4AF746EDF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{876E1849-4C0B-4CFB-8778-DA5DE0A4472F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{17EFE983-6508-431F-BC39-45096CC63B0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56B500F7-262B-4569-AA76-EC6C903284C2}] => (Allow) C:\Users\Prodejna\AppData\Local\Kingsoft\WPS Office\10.2.0.7646\office6\wpscloudsvr.exe => No File
FirewallRules: [{B4260383-F094-4A50-9494-5BE87E65887A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0AC2FDA9-78EA-476E-BEFD-B134BBD52068}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C46806FD-F14C-4AD2-B53D-A6444BF5C762}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{50505813-1E26-42FD-8200-0FCA4368FEEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56F71A60-A7B9-48DF-B440-01BBD8237E4B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{4E3AF8D8-B640-4723-A827-E844687A0063}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [TCP Query User{2700165C-BE15-44D7-9B42-E12F60167710}C:\program files (x86)\qnap\qsync\qsync.exe] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.)
FirewallRules: [UDP Query User{CB6AF4E3-CCCD-4969-BAEE-428DFEA61FA7}C:\program files (x86)\qnap\qsync\qsync.exe] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.)
FirewallRules: [{01CD1BF3-3E2D-40AA-8791-A51547D139D8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{BA5AD4E9-73DB-4B57-A94D-5B0CDA30712A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{B4086070-3A9F-4328-A7FD-DFC9352CDE2C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{AC855F51-32C8-4F5B-9469-D5C93A6A400C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{0332DC71-9D4F-4084-8E81-A627599D77E7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{F33EA30B-F6D5-485D-96B8-D0BEF940E200}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E9F3E863-C3C0-4D93-96F5-91D5DA98C87F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{63CA8BED-5FE2-4ECC-9B93-70F3E8378084}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58D9FC45-DB46-400D-BDC2-B75ACA201488}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9637543-3A97-4CF4-AF55-08256C1CDE41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF5C8A01-2CB0-4994-8645-8AB9912ADBBF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B17B62CC-E0CD-4BD4-A879-4F560C013FBD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-08-2022 08:05:18 Naplánovaný kontrolní bod
25-08-2022 08:06:54 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Intel(R) Trusted Execution Engine Interface
Description: Intel(R) Trusted Execution Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: TXEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/15/2022 08:14:02 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (07/15/2022 07:57:52 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (07/15/2022 07:57:52 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (07/15/2022 07:57:52 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (07/15/2022 07:57:52 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (07/15/2022 07:57:52 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (07/14/2022 08:18:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1741 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 247c

Čas spuštění: 01d89747317a48f9

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 2e8ea768-813a-4b91-8793-cc9cd0fbc30a

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.5.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Quiesce

Error: (07/04/2022 04:44:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1741 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 15cc

Čas spuštění: 01d88f6a46ae440d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: acdbf1f3-0cf8-4579-a358-4c1109759eb3

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.5.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Quiesce


System errors:
=============
Error: (09/01/2022 05:01:31 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server Microsoft.MicrosoftOfficeHub_18.2205.1091.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/29/2022 05:00:38 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/29/2022 05:00:38 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/26/2022 04:58:52 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/26/2022 04:58:52 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/26/2022 07:43:43 AM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/25/2022 05:00:34 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/25/2022 05:00:34 PM) (Source: DCOM) (EventID: 10010) (User: PRODEJNA-KASA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2022-09-02 07:58:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\bdamsi\266126562904114456\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2022-09-01 14:53:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\bdamsi\266126562904114456\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde P12-A1 01/12/2015
Motherboard: Acer UI2H
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 89%
Total physical RAM: 3983.45 MB
Available physical RAM: 413.14 MB
Total Virtual: 7824.24 MB
Available Virtual: 1103.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.29 GB) (Free:150.07 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS

\\?\Volume{78a31b23-032d-46a9-9151-c8d97db5dbab}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{451917f6-2d3b-4da2-a73d-920895cd7209}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

pritt
Visitor
Posts: 16
Registered: 22 Jan 2020 17:52

Re: Chrome windows opening on their own - please check

#2 Post by pritt »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by Prodejna (administrator) on PRODEJNA-KASA (Acer Aspire Z1-621) (02-09-2022 08:34:57)
Running from C:\Users\Prodejna\Desktop
Loaded Profiles: Prodejna
Platform: Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.231\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(cmd.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(explorer.exe ->) (eM Client, s.r.o. -> eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(explorer.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mstsc.exe
(explorer.exe ->) (Star Micronics Co., Ltd.) [File not signed] C:\Program Files (x86)\StarMicronics\TSP100\Software\20171207\Ondemand.exe
(explorer.exe ->) (Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Prodejna\AppData\Local\Viber\Viber.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABGSWK.EXE
(spool\drivers\x64\3\CNAP2LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.542.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\Qsync\Qsync.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSP100ecoOndemand] => C:\Program Files (x86)\StarMicronics\TSP100\Software\20171207\Ondemand.exe [476672 2017-12-22] (Star Micronics Co., Ltd.) [File not signed]
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC. -> CANON INC.)
HKLM\...\Run: [HP LaserJet Professional M1530 MFP Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2014-04-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [Qsync] => C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [93295992 2022-06-20] (QNAP Systems, Inc. -> QNAP Systems, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [240288 2021-10-07] (eM Client, s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\Run: [Viber] => C:\Users\Prodejna\AppData\Local\Viber\Viber.exe [55324376 2022-08-24] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64464 2021-05-13] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\Run: [MicrosoftEdgeAutoLaunch_AD040CD4744FB0EB71C17803BF1A1678] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3885610105-3758572810-27774397-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-03] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Fax Port: C:\WINDOWS\system32\hppfaxprintermon5.dll [27704 2014-04-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\Star Language Monitor Host: C:\WINDOWS\system32\SMJLMHOST.DLL [11264 2010-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Star Micronics Co., Ltd.)
HKLM\...\Print\Monitors\TSP100LAN Port: C:\WINDOWS\system32\smjt100epm.dll [360960 2018-05-28] (Star Micronics Co., Ltd.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.54\Installer\chrmstp.exe [2022-08-31] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-07-31]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0321FB0A-36D3-4450-BBE2-EBAD82C39DB6} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [987200 2022-08-30] (Bitdefender SRL -> Bitdefender)
Task: {033F9EEE-F62E-4129-9374-D284CB438DDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.)
Task: {0DDCE6DA-CF8D-48D8-B50E-2CA44FE108B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.)
Task: {30004086-956A-4EFE-AA79-B3AEE882574F} - System32\Tasks\CCleanerSkipUAC - Prodejna => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {452E61F2-C6D1-4D62-B611-92D52DC7B9C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {6AA519CB-4D33-444F-9F0A-92814FE00909} - System32\Tasks\WpsUpdateTask_Prodejna => C:\Users\Prodejna\AppData\Local\Kingsoft\WPS Office\11.2.0.11254\office6\wpsupdate.exe [172216 2022-08-08] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {88A36CC8-22A3-4FE8-83C5-29F8EF509EC9} - System32\Tasks\QNAPQsyncAutoLaunch => C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [93295992 2022-06-20] (QNAP Systems, Inc. -> QNAP Systems, Inc.)
Task: {970FFDA2-21E5-483F-B9C0-47BF390BBD5B} - System32\Tasks\WpsExternal_Prodejna_20220808073431 => C:\Users\Prodejna\AppData\Local\Kingsoft\WPS Office\11.2.0.11254\office6\wpscloudsvr.exe [1060024 2022-08-08] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B22A22EA-A6E1-4261-B351-8B1ACD4EB224} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {DC66A673-496E-4F45-A02C-0DE215CD903C} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.231\WatchDog.exe [1053264 2022-07-25] (Bitdefender SRL -> Bitdefender)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 31.30.90.11 31.30.90.12 10.0.0.138 192.168.8.1 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{42e00322-60bc-482e-89a2-d9295a41c754}: [DhcpNameServer] 192.168.1.1 31.30.90.11 31.30.90.12 10.0.0.138 192.168.8.1 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{b2ff6d36-90e0-476d-997e-4044c2b0e4d5}: [DhcpNameServer] 192.168.1.1 31.30.90.11 31.30.90.12 10.0.0.138 192.168.8.1 1.1.1.1 8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Prodejna\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-02]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\Prodejna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2022-08-04]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-18] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-11-09] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-09-03] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Notifications: Default -> hxxps://answear.cz; hxxps://eur.shein.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.alpik.cz/
CHR StartupUrls: Default -> "hxxps://www.alpik.cz/admin/sign/in/?backlink=0vgnh&_fid=oice"
CHR DefaultSearchURL: Default -> hxxps://www.google.cz/search?source=hp&ei=I5GKW ... FlgEfXQqRg
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Extension: (Sticky Password - správce hesel) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2022-07-22]
CHR Extension: (Bitdefender Wallet) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-31]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-08-11]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-09-22]
CHR Extension: (Uložte obrázek, jak chcete) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\laecjkbpbmfmleaiggbaifbaecaifink [2020-03-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Prodejna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-07-31] (philandro Software GmbH -> philandro Software GmbH)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821312 2022-07-15] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821312 2022-07-15] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2454632 2022-02-10] (Bitdefender SRL -> Bitdefender)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 PortEmulator; C:\Program Files\StarMicronics\TSP100\Software\20171207\portemu_umdf_tsp100.exe [207872 2016-02-26] () [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [789072 2022-07-25] (Bitdefender SRL -> Bitdefender)
S3 TcpEmulatorTSP100LAN; C:\Program Files\StarMicronics\TSP100\Software\20171207\tcpemu_tsp100lan.exe [351744 2015-05-22] (STAR MICRONICS CO,.LTD) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11500840 2021-04-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [280128 2022-08-09] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821312 2022-07-15] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [4829088 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [798128 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [33208 2022-03-02] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-12-01] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [1263536 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 honeywell_cdc; C:\WINDOWS\system32\DRIVERS\honeywell_cdc.sys [108072 2017-09-04] (HONEYWELL INTERNATIONAL INC. -> Jungo)
R3 honeywell_enum; C:\WINDOWS\System32\drivers\honeywell_enum.sys [106024 2017-09-04] (HONEYWELL INTERNATIONAL INC. -> Jungo)
R2 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [185312 2020-12-14] (Bitdefender SRL -> Bitdefender)
R3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [316376 2022-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [633264 2022-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [480184 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-02 08:34 - 2022-09-02 08:37 - 000022402 _____ C:\Users\Prodejna\Desktop\FRST.txt
2022-09-02 08:34 - 2022-09-02 08:36 - 000000000 ____D C:\FRST
2022-09-02 08:33 - 2022-09-02 08:32 - 002371072 _____ (Farbar) C:\Users\Prodejna\Desktop\FRST64.exe
2022-09-02 08:32 - 2022-09-02 08:32 - 002371072 _____ (Farbar) C:\Users\Prodejna\Downloads\FRST64.exe
2022-08-31 09:52 - 2022-08-31 09:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-08-31 09:52 - 2022-08-31 09:52 - 000002912 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Prodejna
2022-08-31 09:52 - 2022-08-31 09:52 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-08-31 09:52 - 2022-08-31 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-08-31 09:51 - 2022-09-02 08:01 - 000000000 ____D C:\Program Files\CCleaner
2022-08-31 09:51 - 2022-08-31 09:51 - 050492480 _____ (Piriform Software Ltd) C:\Users\Prodejna\Downloads\ccsetup603.exe
2022-08-30 07:23 - 2022-08-30 07:23 - 000000000 ____D C:\Users\Prodejna\AppData\Local\Viber
2022-08-29 08:26 - 2022-08-29 08:26 - 000042356 _____ C:\Users\Prodejna\Downloads\Shipment list no.14072803601.pdf
2022-08-16 08:09 - 2022-08-16 08:09 - 000040454 _____ C:\Users\Prodejna\Downloads\Shipment list no.14046489403.pdf
2022-08-15 07:43 - 2022-08-15 07:43 - 000099140 _____ C:\ProgramData\agent.update.1660542206.bdinstall.v2.bin
2022-08-11 07:39 - 2022-08-11 07:39 - 000000000 ____D C:\Users\Prodejna\AppData\Local\Bdch
2022-08-10 08:46 - 2022-08-10 08:46 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 08:46 - 2022-08-10 08:46 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 08:45 - 2022-08-10 08:45 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 08:45 - 2022-08-10 08:45 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-10 08:45 - 2022-08-10 08:45 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 08:44 - 2022-08-10 08:44 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-10 08:44 - 2022-08-10 08:44 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 08:44 - 2022-08-10 08:44 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-10 08:07 - 2022-08-10 08:07 - 000000000 ___HD C:\$WinREAgent
2022-08-09 08:28 - 2022-08-09 08:28 - 000003110 _____ C:\WINDOWS\system32\Tasks\QNAPQsyncAutoLaunch
2022-08-09 08:28 - 2022-08-09 08:28 - 000001943 _____ C:\Users\Public\Desktop\Qsync Client.lnk
2022-08-09 08:28 - 2022-08-09 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP
2022-08-09 08:26 - 2022-08-09 08:26 - 073542296 _____ (QNAP SYSTEMS, INC.) C:\Users\Prodejna\Downloads\QNAPQsyncClientWindows-5.0.5.0620.exe
2022-08-08 07:34 - 2022-08-08 07:34 - 000004096 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Prodejna_20220808073431
2022-08-08 07:34 - 2022-08-08 07:34 - 000003778 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Prodejna

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-02 08:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-02 08:00 - 2018-09-18 14:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-02 07:59 - 2021-05-14 07:10 - 000000000 ____D C:\Users\Prodejna\Documents\Sticky Passwords
2022-09-02 07:59 - 2018-09-18 15:16 - 000000000 ___RD C:\Users\Prodejna\Qsync
2022-09-02 07:58 - 2018-09-18 15:10 - 000000000 ____D C:\Users\Prodejna\AppData\Roaming\eM Client
2022-09-02 07:57 - 2018-09-18 14:16 - 000000000 __SHD C:\Users\Prodejna\IntelGraphicsProfiles
2022-09-01 16:53 - 2020-08-26 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-01 14:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-01 14:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-01 10:40 - 2021-12-13 08:26 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3885610105-3758572810-27774397-1001
2022-09-01 10:40 - 2020-08-26 18:05 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3885610105-3758572810-27774397-1001
2022-09-01 10:40 - 2020-08-26 17:48 - 000002386 _____ C:\Users\Prodejna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-31 12:55 - 2020-08-26 18:05 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-31 12:55 - 2020-08-26 18:05 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-31 09:56 - 2020-08-17 07:41 - 000000000 ___DC C:\WINDOWS\Panther
2022-08-31 09:56 - 2018-09-19 09:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-08-31 09:24 - 2018-09-18 14:12 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-31 07:25 - 2018-10-04 14:07 - 000000000 ____D C:\Users\Prodejna\AppData\Roaming\ViberPC
2022-08-30 12:11 - 2021-12-01 21:10 - 000480184 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2022-08-30 12:11 - 2018-12-21 09:52 - 004829088 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2022-08-30 12:11 - 2018-12-21 09:52 - 001263536 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2022-08-30 12:11 - 2018-12-21 09:52 - 000798128 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2022-08-29 09:29 - 2018-10-04 14:07 - 000000000 ____D C:\Users\Prodejna\Documents\ViberDownloads
2022-08-29 07:18 - 2020-06-09 08:43 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-24 10:18 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2022-08-17 07:13 - 2020-08-26 18:05 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 07:13 - 2020-08-26 18:05 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-15 07:44 - 2020-08-26 18:05 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-08-15 07:44 - 2018-12-21 09:48 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-08-11 07:52 - 2018-09-19 09:28 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-08-11 07:30 - 2020-08-26 17:59 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-11 07:30 - 2019-12-07 16:41 - 000683620 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-11 07:30 - 2019-12-07 16:41 - 000137420 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-11 07:30 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-11 07:23 - 2020-08-26 18:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-11 07:23 - 2020-08-26 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-11 07:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-10 17:04 - 2020-08-26 17:47 - 000267000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 17:04 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-08-10 17:02 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-10 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 08:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 08:44 - 2020-08-26 17:50 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 07:59 - 2018-09-18 14:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 07:52 - 2018-09-18 14:40 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-09 16:59 - 2020-08-26 17:48 - 000000000 ____D C:\Users\Prodejna
2022-08-09 08:27 - 2018-09-18 15:12 - 000000000 ____D C:\Users\Prodejna\AppData\Local\QNAP

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: windows opening on their own in Chrome - please check

#3 Post by Rudy »

Hello!
Is this PC by any chance a company machine?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

pritt
Visitor
Posts: 16
Joined: 22 Jan 2020 17:52

Re: windows opening on their own in Chrome - please check

#4 Post by pritt »

Hello,
Yes, it is.

pritt
Visitor
Posts: 16
Joined: 22 Jan 2020 17:52

Re: windows opening on their own in Chrome - please check

#5 Post by pritt »

And is it a problem if it is a company PC?
I probably don't know my way around here, and at first glance I didn't find any information saying it wasn't allowed.
Thank you

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: windows opening on their own in Chrome - please check

#6 Post by Rudy »

It's obvious that you don't read the rules. Look here: https://forum.viry.cz/viewtopic.php?t=5601 (point 6)

pritt
Visitor
Posts: 16
Joined: 22 Jan 2020 17:52

Re: windows opening on their own in Chrome - please check

#7 Post by pritt »

Then I apologize. I really hadn't read that.

So at least we'll look on the bright side and broaden our horizons with pop-up windows :)

Have a nice day, everyone.

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: windows opening on their own in Chrome - please check

#8 Post by Rudy »

OK. You can turn here: https://neslape.cz/?utm_campaign=neslap ... ium=banner . The service is paid, however.