Havěť v PC - kontrola logu

Zpráva

Houmr_9 · #1 Příspěvek od **Houmr_9** » 23 kvě 2024 15:35

Dobrý den, prosím o kontrolu logu PC, tchyně s tchánem na něm chytili nějakou havěť.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.05.2024 01
Ran by 42077 (administrator) on VAŐKµTOVI (Gigabyte Technology Co., Ltd. A320M-S2H) (23-05-2024 16:23:50)
Running from C:\Users\42077\Desktop\FRST64.exe
Loaded Profiles: 42077
Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe <6>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe [1343072 2021-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [424344 2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\Run: [MicrosoftEdgeAutoLaunch_7C937BDA9CCA925841CFA41A86124D8B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45430176 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.210\Installer\chrmstp.exe [2024-05-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0686FDD7-38EF-41A0-91CC-D3B0F0A36B14} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {434E7E9A-308F-4583-B236-5E182F33AB0E} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6F39018C-ECD0-445C-BDF5-95F559977115} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DB8073F2-B09F-4813-A129-D78EE3DB434F} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183232 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F4558B2B-93F7-450C-A8D9-71100E430A82} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5201304 2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {64929CD8-7F63-44D5-93FB-77777100216F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2348952 2024-05-23] (Avast Software s.r.o. -> Avast Software)
Task: {0225EC80-6A4D-4E50-A64F-165F8F3A9FE0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {40A5C3AD-1BF4-428C-8A39-6582FC58B7FB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "09276cbb-f247-48a2-9d6b-505b0aa2c2ef" --version "6.24.11060" --silent
Task: {C806E3E8-719F-409D-AE09-55E6B37DFCD0} - System32\Tasks\CCleanerSkipUAC - 42077 => C:\Program Files\CCleaner\CCleaner.exe [39169952 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {AF5029E6-5C16-42D0-9FF9-24F99C9F534C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{775893FC-403B-4B5D-A893-A60FA8BE3BF8} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {C897C5DF-1704-41B7-A5EA-4FBCBE262094} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{B29FF3B9-A0C1-4CD4-BA17-1A60571B09F6} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {383F562F-6F53-4052-AFDD-C9D5D4E7F092} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17792D7-F8BE-41E3-9924-15E32CF6C9C0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B6BD065-7276-4D10-88C9-A16BF544B1C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F73D0CD-7A9A-4D2C-8E14-DB31CF48222A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7773628C-9346-4C8F-A7A0-B3E76B386786} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {9FEABC16-5755-48B0-99D6-B148CFE89627} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {20F2E7E7-1F77-425D-A0B6-764E00946088} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673184 2024-05-23] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {51C0393A-4235-4918-999E-9E6AB05B6511} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3530414869-3745828373-2086365394-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673184 2024-05-23] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {2E48CF36-4649-4B72-81F0-4B47EF9C49E2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {10DFE8EA-94B6-4CF2-B848-AB56C26760B9} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3530414869-3745828373-2086365394-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [65536 2024-05-15] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{31dcafae-bdd3-4c69-a058-5110397a2552}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{d38e5474-a5c1-403d-a3bb-e6fd444634a9}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{d38e5474-a5c1-403d-a3bb-e6fd444634a9}\4505D2C496E6B6F564442323: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d38e5474-a5c1-403d-a3bb-e6fd444634a9}\F423D294E6475627E65647D2530333: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-23]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-05-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]
Edge Extension: (Edge relevant text changes) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\koefoniljlakompjaegmdiemdajkhccp [2024-03-14]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: e655tqi8.default
FF ProfilePath: C:\Users\42077\AppData\Roaming\Mozilla\Firefox\Profiles\e655tqi8.default [2023-03-05]
FF ProfilePath: C:\Users\42077\AppData\Roaming\Mozilla\Firefox\Profiles\y2v8wuvr.default-release [2024-05-23]
FF Homepage: Mozilla\Firefox\Profiles\y2v8wuvr.default-release -> www.seznam.cz
FF Extension: (Malwarebytes Browser Guard) - C:\Users\42077\AppData\Roaming\Mozilla\Firefox\Profiles\y2v8wuvr.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-05-23]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3530414869-3745828373-2086365394-1001: @servis24.cz/PKIComponent -> C:\Users\42077\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2023-03-24] (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3530414869-3745828373-2086365394-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\42077\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2023-03-24] (Česká spořitelna a.s. -> Česká spořitelna, a.s.)

Chrome:
=======
CHR Profile: C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default [2024-05-23]
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-05]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9152408 2024-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [766872 2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1203608 2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-05-23] (Avast Software s.r.o. -> AVAST Software)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s. -> Monet+, a.s.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0389592.inf_amd64_402e259562886e49\B386218\amdkmdag.sys [94464432 2023-03-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20536 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229944 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [379960 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [292920 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [27760 2024-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28728 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268856 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548920 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97848 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [935992 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [695864 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203720 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [306120 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-05-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-05-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 GemCCID; C:\Windows\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz153; \??\C:\Windows\temp\cpuz153\cpuz153_x64.sys [X] <==== ATTENTION
S3 DIRECTIO; \??\C:\Users\Administrator\Desktop\BurnInTest\DirectIo64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-05-23 16:23 - 2024-05-23 16:24 - 000021701 _____ C:\Users\42077\Desktop\FRST.txt
2024-05-23 16:23 - 2024-05-23 16:24 - 000000000 ____D C:\FRST
2024-05-23 16:21 - 2024-05-23 16:23 - 000000000 ___HD C:\avast! sandbox
2024-05-23 16:10 - 2024-05-23 16:10 - 000000000 ____D C:\ProgramData\Piriform
2024-05-23 16:09 - 2024-05-23 16:21 - 000000000 ____D C:\Program Files\CCleaner
2024-05-23 16:09 - 2024-05-23 16:09 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-05-23 16:09 - 2024-05-23 16:09 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-05-23 16:09 - 2024-05-23 16:09 - 000002892 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - 42077
2024-05-23 16:09 - 2024-05-23 16:09 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2024-05-23 16:09 - 2024-05-23 16:09 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-05-23 16:09 - 2024-05-23 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-05-23 16:04 - 2024-05-23 16:04 - 083689152 _____ (Piriform Software Ltd) C:\Users\42077\Downloads\ccsetup624.exe
2024-05-23 15:55 - 2024-05-23 15:55 - 000000000 ____D C:\Users\42077\Doctor Web
2024-05-23 15:47 - 2024-05-23 15:50 - 000000000 ____D C:\AdwCleaner
2024-05-23 15:41 - 2024-05-23 15:43 - 320285528 _____ C:\Users\42077\Desktop\lnyhgbod.exe
2024-05-23 15:37 - 2024-05-23 15:55 - 000000000 ____D C:\Users\42077\AppData\Local\Malwarebytes
2024-05-23 15:31 - 2024-05-23 15:42 - 008790880 _____ (Malwarebytes) C:\Users\42077\Desktop\adwcleaner_8.4.2.exe
2024-05-23 15:25 - 2024-05-23 15:25 - 002395136 _____ (Farbar) C:\Users\42077\Desktop\FRST64.exe
2024-05-23 15:17 - 2024-05-23 15:18 - 000000000 ____D C:\Users\42077\AppData\Local\Avast Software
2024-05-23 15:16 - 2024-05-23 15:16 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-05-23 15:16 - 2024-05-23 15:16 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-05-23 15:16 - 2024-05-23 15:16 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2024-05-23 15:16 - 2024-05-23 15:16 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2024-05-23 15:16 - 2024-05-23 15:16 - 000000000 ____D C:\Users\42077\AppData\Roaming\Avast Software
2024-05-23 15:15 - 2024-05-23 15:15 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-05-23 15:15 - 2024-05-23 15:15 - 000314776 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2024-05-23 15:15 - 2024-05-23 15:15 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-05-23 15:15 - 2024-05-23 15:15 - 000000000 ____D C:\Windows\system32\o2
2024-05-23 15:15 - 2024-05-23 15:15 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-05-23 15:15 - 2024-05-23 15:15 - 000000000 ____D C:\Program Files\Avast Software
2024-05-23 15:14 - 2024-05-23 15:15 - 000000000 ____D C:\ProgramData\Avast Software
2024-05-20 21:00 - 2024-05-20 21:00 - 000004234 _____ C:\Users\42077\Downloads\smime (4).p7s
2024-05-20 20:59 - 2024-05-20 20:59 - 000004234 _____ C:\Users\42077\Downloads\smime (3).p7s
2024-05-20 20:59 - 2024-05-20 20:59 - 000004234 _____ C:\Users\42077\Downloads\smime (2).p7s
2024-05-02 12:37 - 2024-05-23 15:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-05-01 22:02 - 2024-05-01 22:02 - 000449529 _____ C:\Users\42077\Downloads\Stav_portfolia_20240416 (2).pdf
2024-05-01 22:01 - 2024-05-01 22:01 - 000449529 _____ C:\Users\42077\Downloads\Stav_portfolia_20240416 (1).pdf
2024-05-01 21:59 - 2024-05-01 21:59 - 000449529 _____ C:\Users\42077\Downloads\Stav_portfolia_20240416.pdf
2024-04-30 20:26 - 2024-04-30 20:26 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2024-04-24 17:54 - 2024-04-24 17:54 - 000019782 _____ C:\Users\42077\Downloads\VYPISY_20240424 (11).zip
2024-04-24 17:52 - 2024-04-24 17:52 - 000019044 _____ C:\Users\42077\Downloads\VYPISY_20240424 (9).zip
2024-04-24 17:52 - 2024-04-24 17:52 - 000019044 _____ C:\Users\42077\Downloads\VYPISY_20240424 (8).zip
2024-04-24 17:52 - 2024-04-24 17:52 - 000019044 _____ C:\Users\42077\Downloads\VYPISY_20240424 (10).zip
2024-04-24 17:51 - 2024-04-24 17:51 - 000019044 _____ C:\Users\42077\Downloads\VYPISY_20240424 (7).zip
2024-04-24 17:51 - 2024-04-24 17:51 - 000018910 _____ C:\Users\42077\Downloads\VYPISY_20240424 (6).zip
2024-04-24 17:50 - 2024-04-24 17:50 - 000018917 _____ C:\Users\42077\Downloads\VYPISY_20240424 (5).zip
2024-04-24 17:50 - 2024-04-24 17:50 - 000018917 _____ C:\Users\42077\Downloads\VYPISY_20240424 (4).zip
2024-04-24 17:49 - 2024-04-24 17:49 - 000018917 _____ C:\Users\42077\Downloads\VYPISY_20240424 (3).zip
2024-04-24 17:48 - 2024-04-24 17:48 - 000019338 _____ C:\Users\42077\Downloads\VYPISY_20240424 (2).zip
2024-04-24 17:47 - 2024-04-24 17:47 - 000019708 _____ C:\Users\42077\Downloads\VYPISY_20240424 (1).zip
2024-04-24 17:46 - 2024-04-24 17:46 - 000019782 _____ C:\Users\42077\Downloads\VYPISY_20240424.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-05-23 16:13 - 2024-02-29 20:03 - 000000000 ____D C:\Windows\Minidump
2024-05-23 16:13 - 2023-03-05 15:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-23 16:13 - 2022-08-04 00:21 - 000000000 ____D C:\Windows\Panther
2024-05-23 16:10 - 2023-03-05 14:54 - 000000000 ____D C:\Users\42077\AppData\Local\D3DSCache
2024-05-23 16:10 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-05-23 15:59 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-05-23 15:57 - 2023-03-05 15:05 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-23 15:57 - 2023-03-05 15:05 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-23 15:55 - 2023-03-05 14:51 - 000000000 ____D C:\Users\42077
2024-05-23 15:54 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-05-23 15:50 - 2023-03-05 15:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-23 15:50 - 2023-03-05 15:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-05-23 15:50 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-23 15:23 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-23 15:23 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-05-23 15:19 - 2022-08-03 23:23 - 000000000 ____D C:\ProgramData\Packages
2024-05-23 15:16 - 2022-08-03 14:29 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-05-23 15:10 - 2022-11-29 19:12 - 000003106 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-05-23 15:10 - 2022-11-29 19:12 - 000003078 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-05-23 15:10 - 2022-08-03 23:21 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-23 15:10 - 2022-08-03 23:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-05-23 15:10 - 2022-08-03 23:21 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-05-22 19:53 - 2023-03-05 14:55 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3530414869-3745828373-2086365394-1001
2024-05-22 19:53 - 2023-03-05 14:55 - 000003368 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3530414869-3745828373-2086365394-1001
2024-05-22 19:53 - 2023-03-05 14:55 - 000002381 _____ C:\Users\42077\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-22 13:57 - 2022-11-29 19:12 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-05-22 13:57 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-05-19 18:53 - 2022-08-03 23:22 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-19 18:53 - 2022-08-03 23:22 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-05-17 02:08 - 2023-03-05 17:37 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-17 02:08 - 2023-03-05 17:37 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-05-17 02:08 - 2023-03-05 15:09 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-05-17 02:08 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-17 02:04 - 2022-08-03 23:21 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-05-17 02:01 - 2022-08-03 14:26 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-17 01:53 - 2022-08-03 23:21 - 000650776 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-17 01:51 - 2023-10-11 21:22 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore
2024-05-17 01:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-05-17 01:51 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-05-15 20:57 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-05-15 20:56 - 2023-03-07 20:07 - 000000000 ____D C:\Windows\system32\MRT
2024-05-15 20:55 - 2023-03-07 20:07 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-15 20:42 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-05-15 20:42 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-05-15 20:38 - 2022-08-03 23:25 - 003214336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-05-15 20:33 - 2023-08-09 12:58 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-05-07 16:54 - 2022-08-03 23:22 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-07 16:54 - 2022-08-03 23:22 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-30 20:30 - 2023-03-05 15:04 - 000000000 ____D C:\Program Files (x86)\Google

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.05.2024 01
Ran by 42077 (23-05-2024 16:26:31)
Running from C:\Users\42077\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) (2023-03-05 09:06:04)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

42077 (S-1-5-21-3530414869-3745828373-2086365394-1001 - Administrator - Enabled) => C:\Users\42077
Administrator (S-1-5-21-3530414869-3745828373-2086365394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3530414869-3745828373-2086365394-503 - Limited - Disabled)
Guest (S-1-5-21-3530414869-3745828373-2086365394-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3530414869-3745828373-2086365394-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.03.03.431 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.87 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.18.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.8.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{0fd12917-eb35-466f-b411-02c45a8a505d}) (Version: 4.03.03.431 - Advanced Micro Devices, Inc.) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.4.6112 - Avast Software)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.24 - Piriform)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.16 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.16 - Monet+,a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.210 - Google LLC)
LibreOffice 7.5.1.2 (HKLM\...\{BFAC9A9B-8A3E-47A6-97AE-53DC3266ACE1}) (Version: 7.5.1.2 - The Document Foundation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17531.20152 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.97 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\OneDriveSetup.exe) (Version: 24.098.0514.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 126.0 (x64 cs)) (Version: 126.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 110.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20152 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
RyzenMasterSDK (HKLM\...\{0B945CE6-14BB-4EDF-874D-37850349036B}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-14] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-13] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21110.548.0_x64__8wekyb3d8bbwe [2024-03-07] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-14] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24042.39.0_x64__cw5n1h2txyewy [2024-05-21] (Microsoft Windows) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.254.0_x64__dt26b99r8h8gj [2023-11-11] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0 [2024-05-07] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-17] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\42077\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-23] (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\42077\Desktop\adwcleaner_8.4.2.exe:MBAM.Zone.Identifier [156]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.hal3000.cz
HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\csas.cz -> hxxps://bezpecnost.csas.cz
IE trusted site: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\servis24.cz -> hxxps://www.servis24.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\PC\main.jpg
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5E56A17F-625F-4836-B6DC-7083FAE237C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6AED0569-A71D-4480-9534-21EF9BF98ABD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{642D20FD-2C2D-4578-A37E-5E7B5FEA7F38}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15016434-5B40-4742-9F37-71A88299BB29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{760F3503-5DDB-44A3-9593-DD0F41637C2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{077F4741-BC41-4398-B8D6-0D930A1B4357}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EBA66105-5641-4301-A8E3-F5108000A563}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D7F17CA-E726-405A-9884-B9C125AD6C30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A3F897B5-74D7-453F-9318-5F8975D31AFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A59D87C-7B65-4776-9300-794D88E9CE6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30B71F1A-3B1C-439C-B67A-26159C7B63A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{34A69C1D-560E-46F1-8E22-E62829EB0AC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AE19EFD7-1EFC-4037-BED4-5E6B0C2E0071}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B4338F3-BB3A-45A8-8281-253220762DCB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C4991B10-F856-4FED-B6B1-DEAE0EA59422}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22D9D170-DE29-4797-9094-FB469152D9ED}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26172A6B-68B9-4BE5-A5E9-5E3882ECA651}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A9D69ECB-3749-4F92-B4B5-CF5DD4CF8E02}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{9EE65804-6FE3-41C1-8321-F19DB3A0DFA5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-05-2024 19:08:12 Windows Update
20-05-2024 09:20:04 Windows Update
23-05-2024 15:19:45 Windows Update
23-05-2024 15:19:49 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/23/2024 03:10:43 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VAŐKµTOVI$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (05/23/2024 03:10:42 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(62ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (05/22/2024 01:58:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VAŐKµTOVI$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 11:58:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 78f68f64-5bf3-4713-8799-6798cfb7898c

Metoda: GET(312ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/22/2024 01:58:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 11:58:23 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5f3bd0e4-e126-46fc-b837-eac16d686e03

Metoda: GET(344ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/22/2024 01:57:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (05/22/2024 01:57:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (05/17/2024 01:54:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 2552, identifikátor PID ProfSvc: 548.

Error: (05/17/2024 01:54:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 2552, identifikátor PID ProfSvc: 548.

System errors:
=============
Error: (05/23/2024 04:18:10 PM) (Source: DCOM) (EventID: 10000) (User: VAŐKµTOVI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/23/2024 04:13:28 PM) (Source: DCOM) (EventID: 10000) (User: VAŐKµTOVI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/23/2024 04:01:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (05/23/2024 04:01:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/23/2024 03:56:23 PM) (Source: DCOM) (EventID: 10010) (User: VAŐKµTOVI)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/23/2024 03:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/23/2024 03:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/23/2024 03:51:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Windows Defender:
================
Date: 2024-05-21 09:24:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {459E1882-7241-4DB4-8228-D0914A2F2C32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-20 09:21:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {397B2414-9066-4E19-8DA4-3809B33D273C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-19 09:20:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7C1CC8BD-73F0-4C70-B0A4-50BFB11B71EC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-18 18:02:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2690D70A-54EB-40B1-81F5-A55E6E30A598}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-16 20:01:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7B5B56E2-800C-4AB3-9212-57ACA5D3A532}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-03-01 18:00:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.405.792.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-03-15 19:44:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1797.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-03-15 19:44:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1797.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-03-11 18:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1447.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-03-11 17:12:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1447.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-05-23 15:54:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2024-05-23 15:54:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends International, LLC. F55 06/07/2022
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 4500 6-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 16253.14 MB
Available physical RAM: 10562.73 MB
Total Virtual: 17277.14 MB
Available Virtual: 11644.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.47 GB) (Free:132.8 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:931.38 GB) (Model: WDC WD10EZEX-00BBHA0) NTFS

\\?\Volume{f3097d4a-184a-4c48-acd4-21ea9e435f7a}\ (SYSTEM) (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: D7DB2986)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: D7DB29F5)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 23 kvě 2024 16:01

Zdravím!
Nejprve spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Houmr_9 · #3 Příspěvek od **Houmr_9** » 23 kvě 2024 16:26

Díky.

Tady log:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2024
# Duration: 00:00:00
# OS: Windows 11 (Build 22631.3593)
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [23/05/2024 15:50:41]
AdwCleaner[C00].txt - [1610 octets] - [23/05/2024 15:51:12]
AdwCleaner[S01].txt - [1542 octets] - [23/05/2024 15:51:41]
AdwCleaner[S02].txt - [1603 octets] - [23/05/2024 15:51:53]
AdwCleaner[C02].txt - [1793 octets] - [23/05/2024 15:51:58]
AdwCleaner[S03].txt - [1725 octets] - [23/05/2024 16:01:08]
AdwCleaner[C03].txt - [1915 octets] - [23/05/2024 16:01:13]
AdwCleaner[S04].txt - [1847 octets] - [23/05/2024 16:05:11]
AdwCleaner[S05].txt - [1908 octets] - [23/05/2024 16:07:47]
AdwCleaner[S06].txt - [1969 octets] - [23/05/2024 17:24:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

#4 Příspěvek od **Rudy** » 23 kvě 2024 16:57

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {AF5029E6-5C16-42D0-9FF9-24F99C9F534C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{775893FC-403B-4B5D-A893-A60FA8BE3BF8} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {C897C5DF-1704-41B7-A5EA-4FBCBE262094} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{B29FF3B9-A0C1-4CD4-BA17-1A60571B09F6} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz153; \??\C:\Windows\temp\cpuz153\cpuz153_x64.sys [X] <==== ATTENTION
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-14] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Houmr_9 · #5 Příspěvek od **Houmr_9** » 23 kvě 2024 17:22

Děkuji a zde další log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22.05.2024 01
Ran by 42077 (23-05-2024 18:19:53) Run:1
Running from C:\Users\42077\Desktop
Loaded Profiles: 42077
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {AF5029E6-5C16-42D0-9FF9-24F99C9F534C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{775893FC-403B-4B5D-A893-A60FA8BE3BF8} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {C897C5DF-1704-41B7-A5EA-4FBCBE262094} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{B29FF3B9-A0C1-4CD4-BA17-1A60571B09F6} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz153; \??\C:\Windows\temp\cpuz153\cpuz153_x64.sys [X] <==== ATTENTION
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-14] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF5029E6-5C16-42D0-9FF9-24F99C9F534C}" => not found
"C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{775893FC-403B-4B5D-A893-A60FA8BE3BF8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{775893FC-403B-4B5D-A893-A60FA8BE3BF8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C897C5DF-1704-41B7-A5EA-4FBCBE262094}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C897C5DF-1704-41B7-A5EA-4FBCBE262094}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{B29FF3B9-A0C1-4CD4-BA17-1A60571B09F6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{B29FF3B9-A0C1-4CD4-BA17-1A60571B09F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz153 => removed successfully
cpuz153 => service removed successfully
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-14] (Microsoft Corporation) => Error: No automatic fix found for this entry.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7448572 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 4607692 B
Edge => 0 B
Chrome => 32552476 B
Firefox => 15196141 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7928 B
NetworkService => 7928 B
42077 => 268310589 B

RecycleBin => 64410 B
EmptyTemp: => 314 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:20:02 ====

#6 Příspěvek od **Rudy** » 23 kvě 2024 18:39

Smazáno, PC by již měl být čistý.

Houmr_9 · #7 Příspěvek od **Houmr_9** » 23 kvě 2024 18:43

Mockrát děkuji za pomoc, velmi si toho vážím. Doufám, že si tam tchyně s tchánem zase něco nenatáhnou.

#8 Příspěvek od **Rudy** » 23 kvě 2024 19:45

Rádo se stalo!

VIRY.CZ

Havěť v PC - kontrola logu

Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu

Re: Havěť v PC - kontrola logu