Prosím o kontrolu. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.06.2024
Ran by havla (administrator) on DESKTOP-DL0DBIR (ASUSTeK COMPUTER INC. X555LF) (13-06-2024 17:20:44)
Running from C:\Users\havla\Desktop\FRST64.exe
Loaded Profiles: havla
Platform: Microsoft Windows 10 Home Version 22H2 19045.4529 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [423832 2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [10731416 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [Spotify] => C:\Users\havla\AppData\Roaming\Spotify\Spotify.exe [19227064 2022-01-22] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7610 Series" (No File)
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKBE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-7610 Series" (No File)
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [MicrosoftEdgeAutoLaunch_B588F47A238491974D5DD1034C11ABB7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON WF-7610 Series 64MonitorBE: C:\Windows\system32\E_YLMBKBE.DLL [179712 2013-10-21] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\Windows\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\Windows\system32\hpinkstsEE11LM.dll [383496 2015-09-01] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\125.0.6422.144\Installer\chrmstp.exe [2024-06-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {E8DF7CF9-5FEF-4357-88EB-E3EBA74F2D80} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {5376FE1E-7EE1-45F1-84F8-B18D9E27F3E0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (No File)
Task: {910C86CD-7756-4A31-AF47-2BB665F10E2A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {A5696603-DC39-4A2C-91A4-FD15FFD65737} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {552DB515-FEA3-4258-8595-75F0A4D9B8AA} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4891032 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {6CEA5364-2F00-43F5-A52E-1220E866BF8A} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [8039832 2024-05-08] (Avast Software s.r.o. -> Avast Software)
Task: {1BE5E54B-062C-457E-96F3-C0CE2D3CA989} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5079448 2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E68BE96A-1296-444F-A647-0E6CAD298EAB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {98B21A84-C113-49E9-8BAA-BC456148C4D0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {EDEAAD76-EDEB-4839-985F-C64F97138BA1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9183ab17-c75b-434d-ac78-1222540c6613" --version "6.11.10455" --silent
Task: {8F2CA546-1B8E-4A4B-9E68-CB3958237522} - System32\Tasks\CCleanerSkipUAC - havla => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E8E0A39F-FCA6-4E41-B396-EF96907AE596} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5683696 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
Task: {7829B577-757A-41DA-B58A-F60D59EC9F5D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{3D58E416-D14B-4AD7-8AAD-5FFFF10466E7} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {E4EFC893-ED4B-43F0-AC3F-14722253DDAA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2823124483-3532812185-2156521902-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [1769224 2024-06-11] (Mega Limited -> )
Task: {A49A6AB8-F461-4B54-A500-6DB8BA6F8F38} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BECF219-F4DF-43BB-B079-8DE1139A7AFD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {18782B62-6A0A-494B-AFAE-3B92FB39BF31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221336 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F320B62C-3F45-47A5-A130-382370F5CBF6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221336 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0C67E28-B92C-40E0-BF1F-3379210F554B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FF60218C-BEB1-404D-B36D-2251986D36A3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{380787c8-25cb-4722-8af4-92e975f3a3bb}: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}\B496E6F6020596C6F647570284F63747: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}\B496E6F6020596C6F647570284F63747F5: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}\B696E6F60796C6F6475702261627: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}\D496B627F64596B6: [DhcpNameServer] 192.168.206.129 31.30.90.11 31.30.90.12
Edge:
=======
Edge Profile: C:\Users\havla\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\havla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
Edge Extension: (Edge relevant text changes) - C:\Users\havla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default [2024-06-13]
CHR Extension: (CacheList) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2021-09-18]
CHR Extension: (Avast Passwords) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2024-06-09]
CHR Extension: (Pomocník GIVT.cz) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2023-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
CHR Extension: (AdBlock — block ads across the web) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-06-10]
CHR Extension: (FormApps Extension) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2024-04-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-06-13]
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-06-13]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-30]
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-06-13]
CHR Extension: (Avast SafePrice) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2024-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-29]
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9026968 2024-06-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [761752 2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1198488 2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
S2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [17233304 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20424 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229832 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [380360 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292808 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269768 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548808 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69168 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [939976 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [698424 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306744 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-13 17:20 - 2024-06-13 17:22 - 000025453 _____ C:\Users\havla\Desktop\FRST.txt
2024-06-13 17:06 - 2024-06-13 17:05 - 002395136 _____ (Farbar) C:\Users\havla\Desktop\FRST64.exe
2024-06-13 17:05 - 2024-06-13 17:05 - 002395136 _____ (Farbar) C:\Users\havla\Downloads\FRST64.exe
2024-06-13 16:45 - 2024-06-13 16:45 - 000000000 ____D C:\ProgramData\Piriform
2024-06-13 16:15 - 2024-06-13 16:15 - 000000000 ____D C:\Users\havla\AppData\LocalLow\Oracle
2024-06-13 16:13 - 2024-06-13 16:13 - 000000000 ____D C:\WINDOWS\system32\DAX3
2024-06-13 16:13 - 2024-06-13 16:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-06-13 16:07 - 2024-06-13 16:07 - 000002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2024-06-13 16:07 - 2024-06-13 16:06 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2024-06-13 16:06 - 2024-06-13 16:06 - 001554736 _____ (Avast Software) C:\Users\havla\Downloads\avast_driver_updater_online_setup.exe
2024-06-11 20:42 - 2024-06-11 20:42 - 000000000 ___HD C:\$WinREAgent
2024-06-09 16:50 - 2024-06-09 16:50 - 000087969 _____ C:\Users\havla\Desktop\VR_c._1044_-_Rokycanova_18-279_NP_c._102.pdf
2024-06-08 14:01 - 2024-06-08 14:01 - 000000000 ____D C:\WINDOWS\system32\o2
2024-06-08 13:32 - 2024-06-08 13:30 - 000315288 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-06-03 10:45 - 2024-06-03 10:45 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-03 10:34 - 2024-06-03 10:34 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-13 17:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-13 17:21 - 2021-02-19 16:36 - 000000000 ____D C:\FRST
2024-06-13 17:05 - 2020-11-10 08:26 - 000000000 ____D C:\Program Files\CCleaner
2024-06-13 17:00 - 2015-12-02 12:49 - 000000000 ____D C:\ProgramData\AVAST Software
2024-06-13 16:56 - 2021-02-23 19:06 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-06-13 16:56 - 2016-04-10 07:35 - 000000000 __SHD C:\Users\havla\IntelGraphicsProfiles
2024-06-13 16:55 - 2023-12-19 22:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-13 16:55 - 2020-10-09 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2024-06-13 16:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-13 16:55 - 2018-05-23 07:42 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-13 16:54 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-06-13 16:44 - 2018-05-27 23:55 - 000000000 ____D C:\Users\havla\AppData\Roaming\MPC-HC
2024-06-13 16:43 - 2023-12-11 12:20 - 000000000 ___DC C:\WINDOWS\Panther
2024-06-13 16:43 - 2018-07-07 17:40 - 000000000 ____D C:\Users\havla\AppData\Local\CrashDumps
2024-06-13 16:35 - 2021-05-16 17:21 - 000000000 ____D C:\Users\havla\AppData\Roaming\.minecraft
2024-06-13 16:35 - 2021-05-16 17:21 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2024-06-13 16:31 - 2020-10-13 18:23 - 000000000 ____D C:\Users\havla\AppData\Roaming\Microsoft\Teams
2024-06-13 16:28 - 2021-08-25 15:45 - 000000000 ____D C:\ProgramData\EPSON
2024-06-13 16:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-06-13 16:26 - 2021-08-25 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2024-06-13 16:26 - 2015-12-02 12:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-06-13 16:25 - 2021-08-25 15:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2024-06-13 16:23 - 2021-08-25 15:47 - 000000000 ____D C:\Program Files (x86)\epson
2024-06-13 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-13 16:18 - 2018-05-23 08:10 - 000000000 ____D C:\Users\havla\AppData\Local\Packages
2024-06-13 16:15 - 2023-12-19 22:38 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-13 16:15 - 2019-12-07 16:41 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2024-06-13 16:15 - 2019-12-07 16:41 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2024-06-13 16:14 - 2023-12-19 22:57 - 000003260 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2024-06-13 16:14 - 2023-12-19 22:57 - 000003216 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2024-06-13 16:13 - 2018-05-23 07:40 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2024-06-13 16:13 - 2018-05-23 07:40 - 000000000 ____D C:\WINDOWS\system32\DAX2
2024-06-13 16:07 - 2023-12-19 22:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-06-13 16:07 - 2018-05-25 23:40 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2024-06-13 16:07 - 2018-05-25 22:25 - 000000000 ____D C:\Users\havla\AppData\Roaming\AVAST Software
2024-06-13 16:07 - 2015-12-02 12:49 - 000000000 ____D C:\Program Files\AVAST Software
2024-06-13 15:59 - 2023-12-19 22:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-13 10:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-12 13:18 - 2023-12-19 22:18 - 000344064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-12 13:17 - 2023-05-14 12:13 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-06-12 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-12 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-12 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-12 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-12 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-12 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-12 13:14 - 2023-12-19 21:08 - 000000000 ____D C:\WINDOWS\en-GB
2024-06-12 13:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-12 13:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-12 13:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-12 11:36 - 2018-05-24 15:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-12 08:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-12 08:03 - 2023-12-19 22:22 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-12 08:00 - 2023-12-19 22:57 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-12 08:00 - 2023-12-19 22:57 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-06-12 08:00 - 2023-12-19 22:57 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-12 08:00 - 2023-12-19 22:57 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-06-12 08:00 - 2023-12-19 22:57 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-06-12 08:00 - 2023-12-19 22:57 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - havla
2024-06-12 07:18 - 2023-12-19 21:54 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-12 07:18 - 2018-05-25 22:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-12 07:18 - 2018-05-25 22:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-06-11 20:28 - 2018-05-24 15:48 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-11 20:18 - 2018-08-24 18:54 - 000000000 ____D C:\Users\havla\AppData\Roaming\vlc
2024-06-11 15:08 - 2018-05-25 23:23 - 000000000 ____D C:\Users\havla\AppData\Roaming\Microsoft\Word
2024-06-11 11:01 - 2018-09-23 10:04 - 000000000 ____D C:\ProgramData\MEGAsync
2024-06-10 16:05 - 2018-05-29 16:59 - 000000000 ____D C:\Users\havla\AppData\Roaming\Microsoft\Excel
2024-06-09 20:36 - 2018-05-25 23:23 - 000000000 ____D C:\Users\havla\AppData\Roaming\Microsoft\Office
2024-06-09 16:41 - 2018-12-15 00:51 - 000000000 ____D C:\Users\havla\AppData\Local\ElevatedDiagnostics
2024-06-09 10:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-06-08 14:02 - 2018-05-25 23:41 - 000939976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-06-08 13:47 - 2018-07-13 11:33 - 000000000 ____D C:\ProgramData\Packages
2024-06-08 13:35 - 2023-01-17 11:35 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-06-08 13:35 - 2020-06-22 17:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-08 13:32 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-06-08 13:31 - 2020-10-20 09:04 - 000269768 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-06-08 13:31 - 2020-04-20 20:56 - 000548808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-06-08 13:31 - 2019-01-08 15:26 - 000292808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-06-08 13:31 - 2019-01-08 15:26 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-06-08 13:31 - 2018-10-16 16:16 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-06-08 13:31 - 2018-05-25 23:41 - 000698424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-06-08 13:31 - 2018-05-25 23:41 - 000306744 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-06-08 13:31 - 2018-05-25 23:41 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-06-08 13:31 - 2018-05-25 23:41 - 000069168 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-06-08 13:30 - 2019-08-25 20:12 - 000020424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-06-08 13:30 - 2018-05-25 23:41 - 000229832 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-06-08 13:29 - 2019-01-16 00:56 - 000380360 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-06-03 12:06 - 2024-01-06 00:31 - 000000000 ____D C:\WINDOWS\InboxApps
2024-06-03 12:06 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-06-03 12:06 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-06-03 12:06 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-06-03 12:06 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-06-03 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-06-03 12:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-06-03 09:36 - 2015-08-15 07:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-06-03 09:07 - 2022-11-13 15:26 - 000000000 ____D C:\Program Files\RUXIM
2024-05-19 10:00 - 2022-10-13 09:01 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
==================== Files in the root of some directories ========
2020-05-12 16:16 - 2020-05-12 16:16 - 024166400 _____ () C:\Program Files (x86)\GUT69C4.tmp
2020-11-11 10:12 - 2020-11-11 13:18 - 000000220 _____ () C:\Users\havla\AppData\Roaming\debug.log
2018-05-23 08:11 - 2020-12-08 17:55 - 000000165 _____ () C:\Users\havla\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.06.2024
Ran by havla (13-06-2024 17:29:18)
Running from C:\Users\havla\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4529 (X64) (2023-12-22 09:21:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2823124483-3532812185-2156521902-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2823124483-3532812185-2156521902-503 - Limited - Disabled)
Guest (S-1-5-21-2823124483-3532812185-2156521902-501 - Limited - Disabled)
havla (S-1-5-21-2823124483-3532812185-2156521902-1001 - Administrator - Enabled) => C:\Users\havla
WDAGUtilityAccount (S-1-5-21-2823124483-3532812185-2156521902-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 24.1.5025.17362 - Avast Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.5.6116 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
dupeGuru 4.1.1 (HKLM\...\dupeGuru) (Version: 4.1.1 - Hardcoded Software)
FormApps Signing Extension (HKLM-x32\...\{35C42D1D-32DC-404F-8978-A30B0D64DD26}) (Version: 2.24.0.43 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.144 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5BD7E621-9791-4D9F-A620-1BA51153B749}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{A53B7EAB-86BD-4F16-8C44-011B1376326A}) (Version: 11.0.0.1162 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{555B1C57-E71B-4775-BC1D-627EEF693F0D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Spotify) (Version: 1.1.77.643.g3c4c6fc6 - Spotify AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
XnView 2.35 (HKLM-x32\...\XnView_is1) (Version: 2.35 - Gougelet Pierre-e)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
Zoom (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\ZoomUMX) (Version: 5.8.4 (1736) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-18] ()
Artinii Cinema Player -> C:\Program Files\WindowsApps\Artinii.ArtiniiCinemaPlayer_1.1.984.0_x64__3p48kjqbq46a6 [2024-05-29] (Artinii)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-11] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.22.10269.0_x64__rz1tebttyb220 [2024-06-03] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-29] (Microsoft Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-05-25] (Flipboard)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-19] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-12-19] (Microsoft Corporation)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-05-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{5A4FF9DB-6E13-419A-8A88-1F98B4533C57} -> [MEGA] => D:\MEGA [2016-06-30 05:51]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-08] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1_S-1-5-21-2823124483-3532812185-2156521902-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-2823124483-3532812185-2156521902-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-2823124483-3532812185-2156521902-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-08-25 15:45 - 2013-10-21 12:04 - 000179712 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_YLMBKBE.DLL
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\sharepoint.com -> hxxps://zsvoborecz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2019-01-06 16:26 - 000000831 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havla\Desktop\6854405-spring-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "PianoMarvelPlugin.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "PianoMarvel"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{171DC7EA-4597-4236-B4F8-1BD6E50F6846}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => No File
FirewallRules: [TCP Query User{F6F73727-20FC-4C8A-B845-7D37CB9B3157}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => No File
FirewallRules: [UDP Query User{96470EB3-3091-435E-80A6-761FC6C1D5B1}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{68798D4A-4D21-4123-97B9-9932A33C9E5D}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{403828BD-5267-4856-934E-BCC4E3D12CBA}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{2AA4FC9A-1FF6-4369-95BB-AC084C8750DE}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{EFC4C140-8045-4B57-BE14-51E6069B1A87}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{9B1090AD-C57F-48BC-9E6B-4F1DF7DD6659}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{377282C7-4AA4-480D-BD54-7560729A35E6}] => (Allow) C:\Users\havla\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{288382E8-3152-4208-B0BE-5C8B893BC72A}] => (Allow) C:\Users\havla\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E38170F2-5EDA-4DE6-B455-D09A8DB62CCF}] => (Allow) C:\Users\havla\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{81790010-B33A-490D-8619-63DCAD3AE7EF}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => No File
FirewallRules: [TCP Query User{AF0EADF4-FB95-4A56-B4E6-3E16D28D08C7}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E52F2720-A918-4044-877B-26E0F26EFA5F}C:\users\havla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\havla\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{99655D73-E26F-456D-8CF4-996001C35229}C:\users\havla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\havla\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F6CBD66-195A-4F0D-9003-686A227400B6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{EEE5F1A1-CA33-48EE-94EF-7D34E5426A88}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [UDP Query User{21D419E2-890F-498B-9A5C-C3C8793E63A2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe => No File
FirewallRules: [TCP Query User{F277E9DB-08E6-4994-AB91-1BD6F133313E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe => No File
FirewallRules: [{F3D992E5-7DD2-4C19-AFC3-64F56559F05F}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{76139F29-5D11-4B66-B988-5425FE3CFA81}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [UDP Query User{84492CD6-6173-470B-9FA2-1403EC116A8F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DABEC2E3-4AF3-4A6E-94FD-3AB03F71FAA1}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9CAB3E60-76B3-45AD-9434-5624D665D3F0}C:\users\havla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\havla\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F97C9053-0DC1-48DC-AADE-DC460B301A81}C:\users\havla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\havla\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6238BDA-D5AE-454E-887C-19B4564D321E}] => (Allow) C:\Users\havla\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{53CB37DE-CE75-4429-91E8-974AD4FB0D9E}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{968E6F15-EF99-475D-ADD9-8366EF14EC1E}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{82AC5D21-3BE4-4D6B-A5AA-D84C95C214AE}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{DC0BAFB8-8E85-433E-8221-90B4B41F1981}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{E308D1F2-28F4-43DC-B1BD-18DC3C0DF847}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1C37925-7172-4C63-B887-5CF343C98F1E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{02547E29-559E-45A4-9412-D31766FDF612}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B2906903-ABD6-47A5-A95E-09A8CD3E5774}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53ACE21A-AF50-4547-945F-E78E7B766797}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD25626E-151A-4114-B2FF-DB05B68E38C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2A6503DA-B6A4-4FF0-A183-751DB0D8BA00}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{163069A2-0503-49B8-BCA7-581218A548FA}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
==================== Restore Points =========================
11-06-2024 20:38:07 Instalační služba modulů systému Windows
11-06-2024 21:00:49 Instalační služba modulů systému Windows
13-06-2024 16:09:31 Avast Driver Updater Restore Point
13-06-2024 16:19:24 Removed Epson Event Manager
13-06-2024 16:21:08 Removed Epson Customer Research Participation
13-06-2024 16:23:22 Removed Epson Software Updater
13-06-2024 16:24:31 Removed Epson ReadyInk Agent (A)
13-06-2024 16:26:17 Removed EpsonNet Print
13-06-2024 16:32:33 Removed Piano Marvel Plugin
13-06-2024 16:34:29 Removed Minecraft Launcher
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/13/2024 04:21:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-DL0DBIR)
Description: Aplikaci nebo službu EpsonCustomerResearchParticipation nelze restartovat.
Error: (06/13/2024 12:37:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/13/2024 12:36:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/10/2024 09:19:26 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll
Error: (06/10/2024 09:19:26 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: User Interaction Required while trying to get a token silently. ErrorCode: 0xcaa2000c, Error: AADSTS9002341: User is required to permit SSO. Trace ID: 22c937d1-a8e3-4faa-b220-a65000b86300 Correlation ID: 9fc9bcb8-1eec-4f86-ab6a-9c9a52035e77 Timestamp: 2024-06-10 07:18:51Zmcpmanagementservice.dll
Error: (06/10/2024 09:19:22 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll
Error: (06/10/2024 09:19:22 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: User Interaction Required while trying to get a token silently. ErrorCode: 0xcaa2000c, Error: AADSTS9002341: User is required to permit SSO. Trace ID: 22c937d1-a8e3-4faa-b220-a65000b86300 Correlation ID: 9fc9bcb8-1eec-4f86-ab6a-9c9a52035e77 Timestamp: 2024-06-10 07:18:51Zmcpmanagementservice.dll
Error: (06/10/2024 09:19:17 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll
System errors:
=============
Error: (06/13/2024 04:58:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/13/2024 04:58:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (06/13/2024 04:56:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avast Driver Updater neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/13/2024 04:56:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avast Driver Updater bylo dosaženo časového limitu (45000 ms).
Error: (06/13/2024 04:56:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba FontCache3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/13/2024 04:56:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (45000 ms).
Error: (06/13/2024 10:10:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba úložiště přestala během spouštění reagovat.
Error: (06/13/2024 10:08:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
CodeIntegrity:
===============
Date: 2024-06-13 17:05:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X555LF.504 08/04/2015
Motherboard: ASUSTeK COMPUTER INC. X555LF
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 44%
Total physical RAM: 8094.39 MB
Available physical RAM: 4483.59 MB
Total Virtual: 10398.39 MB
Available Virtual: 6951.05 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.77 GB) (Free:205.45 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:178.45 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
\\?\Volume{33a3c012-6d96-4827-82e6-0d90c88d6290}\ () (Fixed) (Total:0.57 GB) (Free:0.05 GB) NTFS
\\?\Volume{47efe859-77c0-44ba-b28f-6c83bac1dfd4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C8F77A8E)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola staršího notebooku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola staršího notebooku
Ahoj,
prescanuj PC s MBAM
prescanuj PC s MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Preventivní kontrola staršího notebooku
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 6/13/2024
Scan Time: 6:07 PM
Log File: 0ed871ac-299f-11ef-ad52-2c56dcb0e79c.json
-Software Information-
Version: 5.1.5.116
Components Version: 1.0.1252
Update Package Version: 1.0.85805
License: Trial
-System Information-
OS: Windows 10 (Build 19045.4529)
CPU: x64
File System: NTFS
User: DESKTOP-DL0DBIR\havla
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 262138
Threats Detected: 11
Threats Quarantined: 0
Time Elapsed: 30 min, 35 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 1
PUP.Optional.ASK, C:\USERS\HAVLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 1275, 454823, 1.0.85805, , ame, , ,
File: 10
PUP.Optional.Seznam, C:\USERS\HAVLA\DOWNLOADS\MEGASYNCSETUP.EXE, No Action By User, 7151, 623984, 1.0.85805, , ame, , 23AE52668CA664124442C3C4AF9B020A, 78B0FB8290E6AA3BB06BCEAF317871F6667A6E47A88F4446F53145F9AB1F2763
PUP.Optional.ASK, C:\USERS\HAVLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 1275, 454823, 1.0.85805, , ame, , 7D1C2E1768B33F870FF92DF47086177C, 7CE9C23D9DAD082A161A1C916C19CA1839E147A2F174A751D2ED00F4C5C28859
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 1275, 454823, 1.0.85805, , ame, , 50C9C8A8481694A82BFC2946D869FEDE, 93D14BDF8929652A7F46F067F0FC2B189EB77ABEEDB70AAB83528D5A28987937
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002591.log, No Action By User, 1275, 454823, 1.0.85805, , ame, , 87184090B6B7D7075569BB5385792203, A785F965748E2700CD01C0F442180B08EC5A6CBFBDBD8D4AFCE721A1426EB259
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002593.ldb, No Action By User, 1275, 454823, 1.0.85805, , ame, , E95126236DC997E9E1A6ED9B545A29DD, 4EE27F727A4CDC13FF9DC64BDD63090B58157B41869ADC3783F4F1BD503EA0E3
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 1275, 454823, 1.0.85805, , ame, , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 1275, 454823, 1.0.85805, , ame, , ,
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 1275, 454823, 1.0.85805, , ame, , 480AB462DE433DB646E2EC41DAB67387, 28A4D269F8C3025B262EC994AFBFDF8EFD526FFC8B5080B2E51BA6B5A97065AC
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 1275, 454823, 1.0.85805, , ame, , D6EEE34E44250624340C8CCEEE976BED, 330960801633170C324C6E936D42122EAA690DC7E6C03C11F48F7EBD8C5C0024
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 1275, 454823, 1.0.85805, , ame, , C0B9C0F05B2A6EB7543DB9D595254324, 3993ACF553370A0C690B44FD86D21B6DDA4B51D82C438288D9C602F4F2DC5C91
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
www.malwarebytes.com
-Log Details-
Scan Date: 6/13/2024
Scan Time: 6:07 PM
Log File: 0ed871ac-299f-11ef-ad52-2c56dcb0e79c.json
-Software Information-
Version: 5.1.5.116
Components Version: 1.0.1252
Update Package Version: 1.0.85805
License: Trial
-System Information-
OS: Windows 10 (Build 19045.4529)
CPU: x64
File System: NTFS
User: DESKTOP-DL0DBIR\havla
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 262138
Threats Detected: 11
Threats Quarantined: 0
Time Elapsed: 30 min, 35 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 1
PUP.Optional.ASK, C:\USERS\HAVLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 1275, 454823, 1.0.85805, , ame, , ,
File: 10
PUP.Optional.Seznam, C:\USERS\HAVLA\DOWNLOADS\MEGASYNCSETUP.EXE, No Action By User, 7151, 623984, 1.0.85805, , ame, , 23AE52668CA664124442C3C4AF9B020A, 78B0FB8290E6AA3BB06BCEAF317871F6667A6E47A88F4446F53145F9AB1F2763
PUP.Optional.ASK, C:\USERS\HAVLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 1275, 454823, 1.0.85805, , ame, , 7D1C2E1768B33F870FF92DF47086177C, 7CE9C23D9DAD082A161A1C916C19CA1839E147A2F174A751D2ED00F4C5C28859
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 1275, 454823, 1.0.85805, , ame, , 50C9C8A8481694A82BFC2946D869FEDE, 93D14BDF8929652A7F46F067F0FC2B189EB77ABEEDB70AAB83528D5A28987937
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002591.log, No Action By User, 1275, 454823, 1.0.85805, , ame, , 87184090B6B7D7075569BB5385792203, A785F965748E2700CD01C0F442180B08EC5A6CBFBDBD8D4AFCE721A1426EB259
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002593.ldb, No Action By User, 1275, 454823, 1.0.85805, , ame, , E95126236DC997E9E1A6ED9B545A29DD, 4EE27F727A4CDC13FF9DC64BDD63090B58157B41869ADC3783F4F1BD503EA0E3
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 1275, 454823, 1.0.85805, , ame, , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 1275, 454823, 1.0.85805, , ame, , ,
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 1275, 454823, 1.0.85805, , ame, , 480AB462DE433DB646E2EC41DAB67387, 28A4D269F8C3025B262EC994AFBFDF8EFD526FFC8B5080B2E51BA6B5A97065AC
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 1275, 454823, 1.0.85805, , ame, , D6EEE34E44250624340C8CCEEE976BED, 330960801633170C324C6E936D42122EAA690DC7E6C03C11F48F7EBD8C5C0024
PUP.Optional.ASK, C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 1275, 454823, 1.0.85805, , ame, , C0B9C0F05B2A6EB7543DB9D595254324, 3993ACF553370A0C690B44FD86D21B6DDA4B51D82C438288D9C602F4F2DC5C91
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Re: Preventivní kontrola staršího notebooku
Najdene nechaj zmazat/do karanteny
Vycisti registre s Ccleanerom
hotovo
Vycisti registre s Ccleanerom
hotovo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Preventivní kontrola staršího notebooku
Hotovo. Moc děkuji!
Re: Preventivní kontrola staršího notebooku
Rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?