
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Possible keylogger
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi, please check my FRST log. When I type acute accents and carons, I get the character twice, as in "napr´´klad" here and "ˇˇcasto" (those were examples).
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by Jojo (administrator) on DESKTOP-NJI2HDQ (Dell Inc. Vostro 15 3515) (12-10-2024 21:56:58)
Running from C:\Users\dell\Desktop\FRST64.exe
Loaded Profiles: Jojo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHardwareDiags.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCopyAccelerator.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <36>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nsv73A3.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [673184 2024-05-22] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [ut] => C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe [2071560 2024-08-09] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\MountPoints2: {e7ad5aaf-55fd-11ee-82aa-f889d26372d0} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\129.1.70.126\Installer\chrmstp.exe [2024-10-09] (Brave Software, Inc. -> Brave Software, Inc.)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3005200C-D018-4C27-A290-33BAF8F44997} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {A75C6EC4-9668-4DFF-83CC-1490E62B0D07} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{C9A24630-2E4E-426A-9C20-AFDEE57D1375} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {E7C7EB66-E367-40C2-8C3B-C677E089703F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{F9C3FDF2-E898-4A11-8AFD-90641155DCBD} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {F6F51C5B-44A4-4B9C-B839-A987DEC34315} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [964936 2024-04-25] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {BF327668-B66C-4085-9EB5-8CEB64804F9A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {A8334479-7532-4FE1-ADC2-EEB2633FA11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {17566DC2-D357-4758-9A14-8CDE91DFD162} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B248BAB-A3EC-4A8B-8D54-8B04F0190FFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {367FEDAF-6C41-4A72-B36B-0E823E54FCC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE446390-8020-4288-ACA9-C7445039ABFA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\FlickLearningWipiHelper.ProxyStub => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\/U "C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\YqeufldDTMCI.dll"
Task: {1DEF3148-3249-44EA-995F-461B8F10F416} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76D5462E-E53D-4F33-9051-FF03B7558C4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F7C7A-03B5-4A23-B30C-B9A50B1FB35A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE3C88B5-27A8-46F6-A8CE-0F8435A172DC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {9BC5573D-6AAA-45EB-A68E-00B6DF20A5A6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {36F1E9D1-DBF7-4A4E-A6D5-A29545D0A211} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3623039732-264876851-2668231124-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-12]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
FireFox:
========
FF DefaultProfile: wnsqvz9f.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\wnsqvz9f.default [2022-05-16]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release [2024-09-22]
FF Session Restore: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> hxxps://meet.google.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\firefox@ghostery.com.xpi [2024-09-22]
FF Extension: (Feedly Notifier) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-BOjn8b0IM7kH2w@jetpack.xpi [2023-07-23]
FF Extension: (I don't care about cookies) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2024-01-26]
FF Extension: (Language: Čeština (Czech)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2024-09-22]
FF Extension: (Visionary – Balanced) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\visionary-balanced-colorway@mozilla.org.xpi [2023-04-24]
FF Extension: (Urban VPN proxy) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\{fca67f41-776b-438a-9382-662171858615}.xpi [2024-01-26]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2024-10-12]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Session Restore: Default -> is enabled.
CHR Extension: (Tabs Backup & Restore) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2024-06-20]
CHR Extension: (Feedly Notifier) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2024-06-20]
CHR Extension: (I don't care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-09]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-07]
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-10-12]
CHR Extension: (VPN Surf - Rýchla VPN odblokovaním) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhnfcgpcbfclhfafjlooihdfghaeinfc [2024-09-21]
CHR Extension: (Enable local file links) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikfmfgobenbhmocjaaboihbeocackld [2024-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-20]
Brave:
=======
BRA Profile: C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-09-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-18]
BRA Extension: (Brave NTP background images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2024-09-18]
BRA Extension: (Brave Ads Resources) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\obponfmfefkaeehakbehbnnlcbebebhd [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\129.1.70.126\elevation_service.exe [2666512 2024-10-09] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203440 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57832 2024-07-15] (Dell Inc. -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-12-13] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51936 2024-07-19] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2080120 2024-06-04] (IndiLogic LLC -> Dell Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncHelper.exe [3523128 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b7f9dde45e4b9cdd\AS\IAS\IntelAudioService.exe [537984 2021-04-02] (Smart Sound Technology -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.181.0908.0001\OneDriveUpdaterService.exe [3864592 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\Windows\System32\drivers\GoodixSessionService.exe [45344 2024-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22548280 2024-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\amdkmdag.sys [106388072 2024-05-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [35792 2020-09-01] (Dell Inc -> OSR Open Systems Resources, Inc.)
R3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [142272 2024-03-25] (IndiLogic LLC -> Dell Inc.)
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [137040 2021-01-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-11-28] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\dell\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 fuvcfgrc; \??\C:\Windows\system32\drivers\fuvcfgrc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-12 21:56 - 2024-10-12 21:57 - 000030969 _____ C:\Users\dell\Desktop\FRST.txt
2024-10-12 21:55 - 2024-10-12 21:57 - 000000000 ____D C:\FRST
2024-10-12 21:53 - 2024-10-12 21:53 - 002397696 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2024-10-12 21:49 - 2024-10-12 21:49 - 000388608 _____ (Trend Micro Inc.) C:\Users\dell\Downloads\hijackthis.exe
2024-10-12 21:47 - 2024-10-12 21:47 - 000000000 ____D C:\Windows\LastGood
2024-10-11 23:39 - 2024-10-11 23:39 - 000169478 _____ C:\Users\dell\Downloads\priloha_1424560888_0_zprava.pdf
2024-10-11 23:35 - 2024-10-12 21:45 - 000000020 _____ C:\Users\dell\Desktop\datovka.txt
2024-10-09 14:00 - 2024-10-09 14:00 - 000662438 _____ C:\Users\dell\Downloads\AIR-Vozidlo.pdf
2024-10-06 15:36 - 2024-10-06 15:36 - 000001614 _____ C:\Users\dell\Desktop\e61 moja vybava.txt
2024-10-05 18:17 - 2024-10-05 18:17 - 000397384 _____ C:\Users\dell\Downloads\Junkers-TRQ-21-W-B-Installations-u-Bedienungsanleitung.pdf
2024-09-27 19:30 - 2024-09-27 19:30 - 000052247 _____ C:\Users\dell\Downloads\The-Secret-of-Kells(0000162623).srt
2024-09-24 13:28 - 2024-09-24 13:36 - 000000000 ____D C:\Users\dell\Desktop\mp3
2024-09-24 13:20 - 2017-12-29 14:36 - 977387520 _____ C:\Users\dell\Desktop\The Secret of Kells (2009) BRRip Xvid orig zneni 720x400.avi
2024-09-24 13:05 - 2024-09-24 13:05 - 000001203 _____ C:\Users\dell\Desktop\SubtitleEdit – odkaz.lnk
2024-09-24 12:53 - 2024-09-24 13:14 - 000000000 ____D C:\Users\dell\Downloads\SE408
2024-09-24 12:52 - 2024-09-24 12:52 - 012190758 _____ C:\Users\dell\Downloads\SE408.zip
2024-09-24 12:45 - 2024-09-24 12:45 - 000012880 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000033369).zip
2024-09-24 12:38 - 2024-09-24 13:14 - 000038846 _____ C:\Users\dell\Downloads\Doctor Who S01E01.srt
2024-09-24 12:38 - 2024-09-24 12:38 - 000016801 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000110515).zip
2024-09-22 13:09 - 2024-09-22 13:10 - 000000000 ____D C:\Program Files\Java
2024-09-22 13:09 - 2024-06-05 13:24 - 000213120 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-09-22 13:09 - 2024-06-05 13:24 - 000178816 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-09-22 12:30 - 2024-09-22 12:30 - 000000000 ____D C:\Windows\{15DA82A3-B124-45FA-A87D-51DB76178223}
2024-09-22 12:01 - 2024-09-22 12:01 - 000000000 ____D C:\Users\dell\Downloads\The Witches of Eastwick 1987 BDRip 1080p DTS multisub-HighCode
2024-09-21 19:03 - 2024-09-21 19:03 - 000084084 _____ C:\Users\dell\Desktop\Magicka-posedlost(0000057817).srt
2024-09-21 19:01 - 2024-09-21 19:01 - 000084084 _____ C:\Users\dell\Desktop\Practical-Magic(0000122609).srt
2024-09-21 18:58 - 2024-09-21 19:05 - 000000000 ____D C:\Users\dell\Downloads\[ www.Torrenting.com ] - Practical.Magic.1998.iNTERNAL.DVDRip.XviD-8BaLLRiPS
2024-09-18 11:51 - 2024-10-09 18:56 - 000002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-09-18 11:51 - 2024-10-09 18:56 - 000002325 _____ C:\Users\Public\Desktop\Brave.lnk
2024-09-18 11:51 - 2024-09-18 11:51 - 000000000 ____D C:\Users\dell\AppData\Local\BraveSoftware
2024-09-18 11:50 - 2024-09-18 11:50 - 000003850 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{F9C3FDF2-E898-4A11-8AFD-90641155DCBD}
2024-09-18 11:50 - 2024-09-18 11:50 - 000003726 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{C9A24630-2E4E-426A-9C20-AFDEE57D1375}
2024-09-18 11:50 - 2024-09-18 11:50 - 000000000 ____D C:\Program Files\BraveSoftware
2024-09-18 11:50 - 2024-09-18 11:50 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2024-09-18 11:49 - 2024-09-18 11:50 - 001276712 _____ (BraveSoftware Inc.) C:\Users\dell\Downloads\BraveBrowserSetup-BRV010.exe
2024-09-17 23:14 - 2024-09-17 23:14 - 000119288 _____ C:\Users\dell\Downloads\Splnomocnenie pdf.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-12 21:56 - 2022-06-21 21:10 - 000000000 ____D C:\Windows\SystemTemp
2024-10-12 21:50 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\VirtualStore
2024-10-12 21:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-12 21:23 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-12 21:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-12 21:22 - 2021-09-14 20:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-10-12 21:22 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-12 21:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-12 15:59 - 2021-09-14 20:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-11 23:34 - 2024-08-04 17:27 - 000000000 ____D C:\Users\dell\Desktop\valce
2024-10-10 18:06 - 2021-09-14 20:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 18:06 - 2021-09-14 20:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 14:02 - 2023-01-19 10:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-10-28 11:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-05-16 12:10 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-09 13:57 - 2023-01-05 11:02 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-09 13:57 - 2023-01-02 19:46 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-09 13:57 - 2023-01-02 19:46 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-09 13:57 - 2022-05-16 11:45 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3623039732-264876851-2668231124-1001
2024-10-06 13:55 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache
2024-10-05 18:15 - 2024-06-20 18:11 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-05 18:15 - 2024-06-20 18:11 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-04 19:33 - 2021-09-14 20:35 - 000683504 _____ C:\Windows\system32\perfh005.dat
2024-10-04 19:33 - 2021-09-14 20:35 - 000137284 _____ C:\Windows\system32\perfc005.dat
2024-10-04 19:33 - 2021-09-14 20:05 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-01 20:10 - 2022-12-07 21:01 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2024-09-28 17:27 - 2024-03-22 15:39 - 000000000 ____D C:\Program Files\TeamViewer
2024-09-22 15:20 - 2022-05-16 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-09-22 15:19 - 2024-05-22 22:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-22 15:18 - 2021-09-14 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-22 15:18 - 2021-09-14 19:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-22 15:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-09-22 15:14 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-09-22 15:13 - 2024-06-18 22:36 - 000000000 ____D C:\Users\dell\AppData\Roaming\utorrent
2024-09-22 13:09 - 2023-05-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-09-22 13:09 - 2023-01-07 01:03 - 000000000 ____D C:\Program Files (x86)\Java
2024-09-22 12:43 - 2023-01-02 18:13 - 000000000 ____D C:\Users\dell\AppData\Local\BitTorrentHelper
2024-09-22 12:32 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files (x86)\Dell
2024-09-22 12:31 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2024-09-22 12:31 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files\Dell
2024-09-18 19:27 - 2023-01-02 18:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-17 23:14 - 2022-10-28 10:50 - 000000000 ____D C:\Users\dell\AppData\Roaming\com.adobe.dunamis
2024-09-17 23:14 - 2022-05-18 14:35 - 000000000 ____D C:\Users\dell\AppData\Roaming\Microsoft\Word
2024-09-17 23:14 - 2022-05-16 12:05 - 000000000 ____D C:\Users\dell\AppData\Local\Adobe
2024-09-17 23:14 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Roaming\Adobe
2024-09-17 15:42 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (12-10-2024 21:58:17)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) (2022-05-08 14:05:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3623039732-264876851-2668231124-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623039732-264876851-2668231124-503 - Limited - Disabled)
Guest (S-1-5-21-3623039732-264876851-2668231124-501 - Limited - Disabled)
Jojo (S-1-5-21-3623039732-264876851-2668231124-1001 - Administrator - Enabled) => C:\Users\dell
WDAGUtilityAccount (S-1-5-21-3623039732-264876851-2668231124-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BMW Group ISTA (HKLM-x32\...\{FD79F009-F13C-4722-A0EC-5F342E584F7D}_is1) (Version: 4.25.32 - BMW AG)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 129.1.70.126 - Autoři prohlížeče Brave)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
Dell Digital Delivery Services (HKLM-x32\...\{7B4345F5-8B57-4716-B159-8A779BA8F8B0}) (Version: 5.2.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{1B2B45BE-37F7-4263-9262-B183735BF5A4}) (Version: 4.1.8330 - Screenovate Technologies Ltd.)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
DuplicateFileFinder 2.4.4.128 (HKLM-x32\...\DFF128_is1) (Version: - )
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
Fingerprint Sensor Driver (HKLM-x32\...\{D9C19E6E-4403-4DDF-B290-ECFAE2072FF9}) (Version: 20.6.0.7 - Realtek Semiconductor Corp.)
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Lovato Easy Fast 1.5.3 (HKLM-x32\...\{A97A35CE-FED7-4914-AEDD-D5C5F8E19AA6}) (Version: 1.5.3 - )
Lovato Easy Fast 1.5.6 SS (HKLM-x32\...\{314334D5-C293-4C7A-A8EC-90312599423B}) (Version: 1.5.6 - )
Lovato Easy Fast 1.6.0 (HKLM-x32\...\{6DE53D68-BDAA-4ACB-9F18-934111560C4B}) (Version: 1.6.0 - )
Lovato Easy Fast 1.8.1 E (HKLM-x32\...\{6EEF5A41-3D78-407C-997C-AFC78322D1D6}) (Version: 1.8.1 - Lovato Gas SpA)
Lovato Easy Fast S (HKLM-x32\...\{C3FDC674-FC78-485A-B441-6F8EC9EBFC91}) (Version: 1.12.2.12 - Lovato Gas Spa)
Microchip LAN9500 Device Driver (HKLM\...\{9387F7BF-D949-4421-89DA-D75A053F5E91}) (Version: 18.12.18.0 - Microchip Technology Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.181.0908.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 126.0 (x64 en-US)) (Version: 126.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Orion by ESTECH (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Orion by ESTECH) (Version: 1.0.0.3741 - PT. Essential Teknologi Multimedia)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9597.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 19.237.0255 - REALTEK Semiconductor Corp.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.58.4 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\ZoomUMX) (Version: 5.15.11 (21032) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.2.0.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-02-28] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-06-19] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-22] (Dell Inc)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2022-05-08] (Dell Inc)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0 [2024-10-02] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2021 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2021_4.0.53.0_x64__fh4rh281wavaa [2022-05-16] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-10] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dell\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_351-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\ediabas\bin;C:\EDIABAS\BIN\;C:\Program Files\dotnet\
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1600687.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CEB58F7F-2340-4815-B94F-29F3F90CEE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC234EC3-6149-4D0B-9139-ADA6712DDEE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{66E08516-DDF2-49B8-93AE-FB10232678D4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E8AB8300-A5C7-4C0A-AFCC-A07967E4EDAC}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [TCP Query User{25325BF3-F629-4166-9696-4B5FB15F616C}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B869B1AE-7EDD-4EA8-BB4C-99C1FFDFD841}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{935F1E78-EDFE-43AE-A80C-6AAAC0835089}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CEA971-CB05-483C-9E05-0B2F11EFA627}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A7D221-C687-4F9A-B8C1-3F5607C27E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A8F0175-04F4-498E-BEDB-E740007D23CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9B9700-2E2B-4EC4-8325-A040997C139C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A5B325-E6A4-48EC-B974-0C69F92E3F73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19F5C229-04F8-45F6-BD7F-265F8E07E5E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAE62089-23FD-4EEB-A490-E46CAE32228E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E2A9698-4E53-4054-9F02-9DD65F8A025D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{92DA6803-C86D-49EB-BD09-0F19F4CF5E70}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{19EABCF5-4592-4F5B-AF2D-CB5778E6C6D3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{845A18F2-5CF4-4C85-A21C-6CB225191A15}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [UDP Query User{8ECA7DA8-E812-457F-98DC-BB3C7B51980A}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [{7BDB46C8-8FF2-49EE-AF37-426251426589}] => (Allow) C:\Users\dell\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CC0AEC8E-A2BB-4F98-98CC-7E7A420D0A36}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B59326B-925A-47E0-8098-B15A5FC849AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81230130-5970-49EA-AE5B-9F8CC3AC4238}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1739BB72-28FD-4357-BA4A-0D0A3BB732E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C1B99B7A-D337-40BE-9CBA-6CD6DD8F0492}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E22928CD-9FDB-40DA-8E54-DD7D306FA2B5}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4EDC5CE6-97DE-4615-9616-D0AE3BEDE7BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECF8A0E9-C772-4A3D-B885-104E4E85E828}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53C6688-A7B1-4639-9B9A-F0C4FC055405}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FEDD703-65A1-430E-874C-6901E1ECA155}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{59D9176B-AA40-41CD-BDDF-130166E8BC3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0FD42E7-08FE-4F08-B1CF-6DF65924F698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BD3880A5-4E2F-42E4-932D-BFF080F21032}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1BD3E04E-C624-41C6-A130-561DECD51EA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDAC7781-ABFE-49EA-942F-EC7D14733D4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{802836F8-0EFA-4EEA-A0AE-86656E6042FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E89D016-14F7-4C73-80FE-4EF697C344F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1F09E70-F0F2-4756-A088-E65A6F656772}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09A63084-BBBB-42D2-A25A-4AE618942BF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF34DC06-8F7A-4598-8071-9337991B2C6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C9DD3721-E226-4EE5-BCCB-9D7C1EE40DEC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F5C7B5D3-C186-4E70-908F-ABADC1DF10E9}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CA893D8C-294F-44CB-A5CC-8D89A26E299C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-10-2024 21:46:59 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/10/2024 07:22:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:02:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5554
Start Time: 01db1b320eeef16e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Report Id: e457b499-7c21-40b2-973e-11df253a5a05
Faulting package full name: 5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/06/2024 03:13:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/06/2024 03:01:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/05/2024 11:17:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SupportAssistSoftwareDiags.exe, verzia: 4.0.3.61632, časová značka: 0x64b073ea
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2364, časová značka: 0x5b7d4d22
Kód výnimky: 0xe0434352
Odstup chyby: 0x000000000002cd29
Identifikácia chybujúceho procesu: 0x4620
Čas spustenia chybujúcej aplikácie: 0x01db1706c2931a83
Cesta chybujúcej aplikácie: C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistSoftwareDiags.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: a8e9b491-51ea-4bf5-a909-e952f5a02e68
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/05/2024 11:17:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SupportAssistSoftwareDiags.exe
CoreCLR Version: 6.0.2824.12007
.NET Version: 6.0.28
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException: Safe handle has been closed.
Object name: 'SafeHandle'.
at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success)
at Interop.Kernel32.SetEvent(SafeWaitHandle handle)
at System.Threading.EventWaitHandle.Set()
at Dell.Client.Framework.Common.PluginManagerBase.Dispose(Boolean disposing)
at Dell.Client.Framework.Common.PluginManagerBase.Dispose()
at Dell.Client.Framework.Agent.Agent.Dispose(Boolean disposing)
at Dell.Client.Framework.Agent.Agent.Dispose()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.SoftwareDiagnosticsSubAgent.DisposeAgent()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.Program.CurrentDomain_ProcessExit(Object sender, EventArgs e)
at System.AppContext.OnProcessExit()
Error: (09/27/2024 07:33:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
System errors:
=============
Error: (10/09/2024 06:17:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9NH2SW16MQ7F-Microsoft.WindowsAppRuntime.1.5.
Error: (10/09/2024 06:01:52 PM) (Source: VDS Basic Provider) (EventID: 5) (User: )
Description: Cannot zero sectors on disk \\?\PhysicalDrive3. Error code: 5@0101000F
Error: (10/07/2024 09:40:06 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR17.
Error: (09/22/2024 03:18:36 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (09/22/2024 03:13:47 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Dell Client Management Service sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.
Error: (09/21/2024 02:07:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (09/19/2024 05:11:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (09/19/2024 05:10:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2024-06-09 19:47:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-08 14:46:38
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:11
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]:
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2023-11-10 19:09:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-05 20:11:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-02 14:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-16 19:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-25 14:40:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-21 15:29:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-02 19:30:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 18:11:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.27.0 07/10/2024
Motherboard: Dell Inc. 0G62VR
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 6030.26 MB
Available physical RAM: 978.38 MB
Total Virtual: 16270.26 MB
Available Virtual: 4951.64 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.9 GB) (Free:69.08 GB) (Model: PC SN530 NVMe WDC 256GB) NTFS
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:122.74 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{16f63fd2-dffb-4822-b08c-a1a256a70b0e}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{589ff040-b0c3-4716-be89-7d1153570785}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.16 GB) NTFS
\\?\Volume{7e9f1068-1485-4098-be6c-1fb3ca91f7f2}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.38 GB) NTFS
\\?\Volume{e35ca227-1a67-4280-8947-a2d904fa6c11}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61D739B2)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 8BAAD6F4)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by Jojo (administrator) on DESKTOP-NJI2HDQ (Dell Inc. Vostro 15 3515) (12-10-2024 21:56:58)
Running from C:\Users\dell\Desktop\FRST64.exe
Loaded Profiles: Jojo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHardwareDiags.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCopyAccelerator.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <36>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nsv73A3.tmp\TvUpdateInfo.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [673184 2024-05-22] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [ut] => C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe [2071560 2024-08-09] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\MountPoints2: {e7ad5aaf-55fd-11ee-82aa-f889d26372d0} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\129.1.70.126\Installer\chrmstp.exe [2024-10-09] (Brave Software, Inc. -> Brave Software, Inc.)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3005200C-D018-4C27-A290-33BAF8F44997} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {A75C6EC4-9668-4DFF-83CC-1490E62B0D07} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{C9A24630-2E4E-426A-9C20-AFDEE57D1375} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {E7C7EB66-E367-40C2-8C3B-C677E089703F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{F9C3FDF2-E898-4A11-8AFD-90641155DCBD} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {F6F51C5B-44A4-4B9C-B839-A987DEC34315} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [964936 2024-04-25] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {BF327668-B66C-4085-9EB5-8CEB64804F9A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {A8334479-7532-4FE1-ADC2-EEB2633FA11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {17566DC2-D357-4758-9A14-8CDE91DFD162} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B248BAB-A3EC-4A8B-8D54-8B04F0190FFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {367FEDAF-6C41-4A72-B36B-0E823E54FCC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE446390-8020-4288-ACA9-C7445039ABFA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\FlickLearningWipiHelper.ProxyStub => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\/U "C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\YqeufldDTMCI.dll"
Task: {1DEF3148-3249-44EA-995F-461B8F10F416} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76D5462E-E53D-4F33-9051-FF03B7558C4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F7C7A-03B5-4A23-B30C-B9A50B1FB35A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE3C88B5-27A8-46F6-A8CE-0F8435A172DC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {9BC5573D-6AAA-45EB-A68E-00B6DF20A5A6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {36F1E9D1-DBF7-4A4E-A6D5-A29545D0A211} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3623039732-264876851-2668231124-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-12]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
FireFox:
========
FF DefaultProfile: wnsqvz9f.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\wnsqvz9f.default [2022-05-16]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release [2024-09-22]
FF Session Restore: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> hxxps://meet.google.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\firefox@ghostery.com.xpi [2024-09-22]
FF Extension: (Feedly Notifier) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-BOjn8b0IM7kH2w@jetpack.xpi [2023-07-23]
FF Extension: (I don't care about cookies) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2024-01-26]
FF Extension: (Language: Čeština (Czech)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2024-09-22]
FF Extension: (Visionary – Balanced) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\visionary-balanced-colorway@mozilla.org.xpi [2023-04-24]
FF Extension: (Urban VPN proxy) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\{fca67f41-776b-438a-9382-662171858615}.xpi [2024-01-26]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2024-10-12]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Session Restore: Default -> is enabled.
CHR Extension: (Tabs Backup & Restore) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2024-06-20]
CHR Extension: (Feedly Notifier) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2024-06-20]
CHR Extension: (I don't care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-09]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-07]
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-10-12]
CHR Extension: (VPN Surf - Rýchla VPN odblokovaním) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhnfcgpcbfclhfafjlooihdfghaeinfc [2024-09-21]
CHR Extension: (Enable local file links) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikfmfgobenbhmocjaaboihbeocackld [2024-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-20]
Brave:
=======
BRA Profile: C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-09-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-18]
BRA Extension: (Brave NTP background images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2024-09-18]
BRA Extension: (Brave Ads Resources) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\obponfmfefkaeehakbehbnnlcbebebhd [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\129.1.70.126\elevation_service.exe [2666512 2024-10-09] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167448 2024-09-18] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203440 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57832 2024-07-15] (Dell Inc. -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-12-13] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51936 2024-07-19] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2080120 2024-06-04] (IndiLogic LLC -> Dell Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncHelper.exe [3523128 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b7f9dde45e4b9cdd\AS\IAS\IntelAudioService.exe [537984 2021-04-02] (Smart Sound Technology -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.181.0908.0001\OneDriveUpdaterService.exe [3864592 2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\Windows\System32\drivers\GoodixSessionService.exe [45344 2024-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22548280 2024-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\amdkmdag.sys [106388072 2024-05-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [35792 2020-09-01] (Dell Inc -> OSR Open Systems Resources, Inc.)
R3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [142272 2024-03-25] (IndiLogic LLC -> Dell Inc.)
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [137040 2021-01-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-11-28] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\dell\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 fuvcfgrc; \??\C:\Windows\system32\drivers\fuvcfgrc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-12 21:56 - 2024-10-12 21:57 - 000030969 _____ C:\Users\dell\Desktop\FRST.txt
2024-10-12 21:55 - 2024-10-12 21:57 - 000000000 ____D C:\FRST
2024-10-12 21:53 - 2024-10-12 21:53 - 002397696 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2024-10-12 21:49 - 2024-10-12 21:49 - 000388608 _____ (Trend Micro Inc.) C:\Users\dell\Downloads\hijackthis.exe
2024-10-12 21:47 - 2024-10-12 21:47 - 000000000 ____D C:\Windows\LastGood
2024-10-11 23:39 - 2024-10-11 23:39 - 000169478 _____ C:\Users\dell\Downloads\priloha_1424560888_0_zprava.pdf
2024-10-11 23:35 - 2024-10-12 21:45 - 000000020 _____ C:\Users\dell\Desktop\datovka.txt
2024-10-09 14:00 - 2024-10-09 14:00 - 000662438 _____ C:\Users\dell\Downloads\AIR-Vozidlo.pdf
2024-10-06 15:36 - 2024-10-06 15:36 - 000001614 _____ C:\Users\dell\Desktop\e61 moja vybava.txt
2024-10-05 18:17 - 2024-10-05 18:17 - 000397384 _____ C:\Users\dell\Downloads\Junkers-TRQ-21-W-B-Installations-u-Bedienungsanleitung.pdf
2024-09-27 19:30 - 2024-09-27 19:30 - 000052247 _____ C:\Users\dell\Downloads\The-Secret-of-Kells(0000162623).srt
2024-09-24 13:28 - 2024-09-24 13:36 - 000000000 ____D C:\Users\dell\Desktop\mp3
2024-09-24 13:20 - 2017-12-29 14:36 - 977387520 _____ C:\Users\dell\Desktop\The Secret of Kells (2009) BRRip Xvid orig zneni 720x400.avi
2024-09-24 13:05 - 2024-09-24 13:05 - 000001203 _____ C:\Users\dell\Desktop\SubtitleEdit – odkaz.lnk
2024-09-24 12:53 - 2024-09-24 13:14 - 000000000 ____D C:\Users\dell\Downloads\SE408
2024-09-24 12:52 - 2024-09-24 12:52 - 012190758 _____ C:\Users\dell\Downloads\SE408.zip
2024-09-24 12:45 - 2024-09-24 12:45 - 000012880 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000033369).zip
2024-09-24 12:38 - 2024-09-24 13:14 - 000038846 _____ C:\Users\dell\Downloads\Doctor Who S01E01.srt
2024-09-24 12:38 - 2024-09-24 12:38 - 000016801 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000110515).zip
2024-09-22 13:09 - 2024-09-22 13:10 - 000000000 ____D C:\Program Files\Java
2024-09-22 13:09 - 2024-06-05 13:24 - 000213120 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-09-22 13:09 - 2024-06-05 13:24 - 000178816 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-09-22 12:30 - 2024-09-22 12:30 - 000000000 ____D C:\Windows\{15DA82A3-B124-45FA-A87D-51DB76178223}
2024-09-22 12:01 - 2024-09-22 12:01 - 000000000 ____D C:\Users\dell\Downloads\The Witches of Eastwick 1987 BDRip 1080p DTS multisub-HighCode
2024-09-21 19:03 - 2024-09-21 19:03 - 000084084 _____ C:\Users\dell\Desktop\Magicka-posedlost(0000057817).srt
2024-09-21 19:01 - 2024-09-21 19:01 - 000084084 _____ C:\Users\dell\Desktop\Practical-Magic(0000122609).srt
2024-09-21 18:58 - 2024-09-21 19:05 - 000000000 ____D C:\Users\dell\Downloads\[ www.Torrenting.com ] - Practical.Magic.1998.iNTERNAL.DVDRip.XviD-8BaLLRiPS
2024-09-18 11:51 - 2024-10-09 18:56 - 000002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-09-18 11:51 - 2024-10-09 18:56 - 000002325 _____ C:\Users\Public\Desktop\Brave.lnk
2024-09-18 11:51 - 2024-09-18 11:51 - 000000000 ____D C:\Users\dell\AppData\Local\BraveSoftware
2024-09-18 11:50 - 2024-09-18 11:50 - 000003850 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{F9C3FDF2-E898-4A11-8AFD-90641155DCBD}
2024-09-18 11:50 - 2024-09-18 11:50 - 000003726 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{C9A24630-2E4E-426A-9C20-AFDEE57D1375}
2024-09-18 11:50 - 2024-09-18 11:50 - 000000000 ____D C:\Program Files\BraveSoftware
2024-09-18 11:50 - 2024-09-18 11:50 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2024-09-18 11:49 - 2024-09-18 11:50 - 001276712 _____ (BraveSoftware Inc.) C:\Users\dell\Downloads\BraveBrowserSetup-BRV010.exe
2024-09-17 23:14 - 2024-09-17 23:14 - 000119288 _____ C:\Users\dell\Downloads\Splnomocnenie pdf.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-12 21:56 - 2022-06-21 21:10 - 000000000 ____D C:\Windows\SystemTemp
2024-10-12 21:50 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\VirtualStore
2024-10-12 21:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-12 21:23 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-12 21:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-12 21:22 - 2021-09-14 20:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-10-12 21:22 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-12 21:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-12 15:59 - 2021-09-14 20:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-11 23:34 - 2024-08-04 17:27 - 000000000 ____D C:\Users\dell\Desktop\valce
2024-10-10 18:06 - 2021-09-14 20:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 18:06 - 2021-09-14 20:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 14:02 - 2023-01-19 10:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-10-28 11:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-05-16 12:10 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-09 13:57 - 2023-01-05 11:02 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-09 13:57 - 2023-01-02 19:46 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-09 13:57 - 2023-01-02 19:46 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-09 13:57 - 2022-05-16 11:45 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3623039732-264876851-2668231124-1001
2024-10-06 13:55 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache
2024-10-05 18:15 - 2024-06-20 18:11 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-05 18:15 - 2024-06-20 18:11 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-04 19:33 - 2021-09-14 20:35 - 000683504 _____ C:\Windows\system32\perfh005.dat
2024-10-04 19:33 - 2021-09-14 20:35 - 000137284 _____ C:\Windows\system32\perfc005.dat
2024-10-04 19:33 - 2021-09-14 20:05 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-01 20:10 - 2022-12-07 21:01 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2024-09-28 17:27 - 2024-03-22 15:39 - 000000000 ____D C:\Program Files\TeamViewer
2024-09-22 15:20 - 2022-05-16 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-09-22 15:19 - 2024-05-22 22:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-22 15:18 - 2021-09-14 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-22 15:18 - 2021-09-14 19:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-22 15:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-09-22 15:14 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-09-22 15:13 - 2024-06-18 22:36 - 000000000 ____D C:\Users\dell\AppData\Roaming\utorrent
2024-09-22 13:09 - 2023-05-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-09-22 13:09 - 2023-01-07 01:03 - 000000000 ____D C:\Program Files (x86)\Java
2024-09-22 12:43 - 2023-01-02 18:13 - 000000000 ____D C:\Users\dell\AppData\Local\BitTorrentHelper
2024-09-22 12:32 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files (x86)\Dell
2024-09-22 12:31 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2024-09-22 12:31 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files\Dell
2024-09-18 19:27 - 2023-01-02 18:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-17 23:14 - 2022-10-28 10:50 - 000000000 ____D C:\Users\dell\AppData\Roaming\com.adobe.dunamis
2024-09-17 23:14 - 2022-05-18 14:35 - 000000000 ____D C:\Users\dell\AppData\Roaming\Microsoft\Word
2024-09-17 23:14 - 2022-05-16 12:05 - 000000000 ____D C:\Users\dell\AppData\Local\Adobe
2024-09-17 23:14 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Roaming\Adobe
2024-09-17 15:42 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (12-10-2024 21:58:17)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) (2022-05-08 14:05:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3623039732-264876851-2668231124-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623039732-264876851-2668231124-503 - Limited - Disabled)
Guest (S-1-5-21-3623039732-264876851-2668231124-501 - Limited - Disabled)
Jojo (S-1-5-21-3623039732-264876851-2668231124-1001 - Administrator - Enabled) => C:\Users\dell
WDAGUtilityAccount (S-1-5-21-3623039732-264876851-2668231124-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BMW Group ISTA (HKLM-x32\...\{FD79F009-F13C-4722-A0EC-5F342E584F7D}_is1) (Version: 4.25.32 - BMW AG)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 129.1.70.126 - Autoři prohlížeče Brave)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
Dell Digital Delivery Services (HKLM-x32\...\{7B4345F5-8B57-4716-B159-8A779BA8F8B0}) (Version: 5.2.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{1B2B45BE-37F7-4263-9262-B183735BF5A4}) (Version: 4.1.8330 - Screenovate Technologies Ltd.)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
DuplicateFileFinder 2.4.4.128 (HKLM-x32\...\DFF128_is1) (Version: - )
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
Fingerprint Sensor Driver (HKLM-x32\...\{D9C19E6E-4403-4DDF-B290-ECFAE2072FF9}) (Version: 20.6.0.7 - Realtek Semiconductor Corp.)
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Lovato Easy Fast 1.5.3 (HKLM-x32\...\{A97A35CE-FED7-4914-AEDD-D5C5F8E19AA6}) (Version: 1.5.3 - )
Lovato Easy Fast 1.5.6 SS (HKLM-x32\...\{314334D5-C293-4C7A-A8EC-90312599423B}) (Version: 1.5.6 - )
Lovato Easy Fast 1.6.0 (HKLM-x32\...\{6DE53D68-BDAA-4ACB-9F18-934111560C4B}) (Version: 1.6.0 - )
Lovato Easy Fast 1.8.1 E (HKLM-x32\...\{6EEF5A41-3D78-407C-997C-AFC78322D1D6}) (Version: 1.8.1 - Lovato Gas SpA)
Lovato Easy Fast S (HKLM-x32\...\{C3FDC674-FC78-485A-B441-6F8EC9EBFC91}) (Version: 1.12.2.12 - Lovato Gas Spa)
Microchip LAN9500 Device Driver (HKLM\...\{9387F7BF-D949-4421-89DA-D75A053F5E91}) (Version: 18.12.18.0 - Microchip Technology Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.181.0908.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 126.0 (x64 en-US)) (Version: 126.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Orion by ESTECH (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Orion by ESTECH) (Version: 1.0.0.3741 - PT. Essential Teknologi Multimedia)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9597.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 19.237.0255 - REALTEK Semiconductor Corp.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.58.4 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\ZoomUMX) (Version: 5.15.11 (21032) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.2.0.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-02-28] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-06-19] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-22] (Dell Inc)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2022-05-08] (Dell Inc)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0 [2024-10-02] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2021 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2021_4.0.53.0_x64__fh4rh281wavaa [2022-05-16] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-10] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dell\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.181.0908.0001\FileSyncShell64.dll [2024-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_351-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\ediabas\bin;C:\EDIABAS\BIN\;C:\Program Files\dotnet\
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1600687.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CEB58F7F-2340-4815-B94F-29F3F90CEE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC234EC3-6149-4D0B-9139-ADA6712DDEE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{66E08516-DDF2-49B8-93AE-FB10232678D4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E8AB8300-A5C7-4C0A-AFCC-A07967E4EDAC}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [TCP Query User{25325BF3-F629-4166-9696-4B5FB15F616C}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B869B1AE-7EDD-4EA8-BB4C-99C1FFDFD841}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{935F1E78-EDFE-43AE-A80C-6AAAC0835089}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CEA971-CB05-483C-9E05-0B2F11EFA627}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A7D221-C687-4F9A-B8C1-3F5607C27E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A8F0175-04F4-498E-BEDB-E740007D23CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9B9700-2E2B-4EC4-8325-A040997C139C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A5B325-E6A4-48EC-B974-0C69F92E3F73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19F5C229-04F8-45F6-BD7F-265F8E07E5E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAE62089-23FD-4EEB-A490-E46CAE32228E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E2A9698-4E53-4054-9F02-9DD65F8A025D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{92DA6803-C86D-49EB-BD09-0F19F4CF5E70}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{19EABCF5-4592-4F5B-AF2D-CB5778E6C6D3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{845A18F2-5CF4-4C85-A21C-6CB225191A15}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [UDP Query User{8ECA7DA8-E812-457F-98DC-BB3C7B51980A}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [{7BDB46C8-8FF2-49EE-AF37-426251426589}] => (Allow) C:\Users\dell\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CC0AEC8E-A2BB-4F98-98CC-7E7A420D0A36}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B59326B-925A-47E0-8098-B15A5FC849AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81230130-5970-49EA-AE5B-9F8CC3AC4238}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1739BB72-28FD-4357-BA4A-0D0A3BB732E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C1B99B7A-D337-40BE-9CBA-6CD6DD8F0492}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E22928CD-9FDB-40DA-8E54-DD7D306FA2B5}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4EDC5CE6-97DE-4615-9616-D0AE3BEDE7BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECF8A0E9-C772-4A3D-B885-104E4E85E828}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53C6688-A7B1-4639-9B9A-F0C4FC055405}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FEDD703-65A1-430E-874C-6901E1ECA155}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{59D9176B-AA40-41CD-BDDF-130166E8BC3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0FD42E7-08FE-4F08-B1CF-6DF65924F698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BD3880A5-4E2F-42E4-932D-BFF080F21032}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1BD3E04E-C624-41C6-A130-561DECD51EA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDAC7781-ABFE-49EA-942F-EC7D14733D4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{802836F8-0EFA-4EEA-A0AE-86656E6042FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E89D016-14F7-4C73-80FE-4EF697C344F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1F09E70-F0F2-4756-A088-E65A6F656772}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09A63084-BBBB-42D2-A25A-4AE618942BF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF34DC06-8F7A-4598-8071-9337991B2C6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C9DD3721-E226-4EE5-BCCB-9D7C1EE40DEC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F5C7B5D3-C186-4E70-908F-ABADC1DF10E9}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CA893D8C-294F-44CB-A5CC-8D89A26E299C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-10-2024 21:46:59 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/10/2024 07:22:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:02:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5554
Start Time: 01db1b320eeef16e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Report Id: e457b499-7c21-40b2-973e-11df253a5a05
Faulting package full name: 5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/06/2024 03:13:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/06/2024 03:01:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/05/2024 11:17:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SupportAssistSoftwareDiags.exe, verzia: 4.0.3.61632, časová značka: 0x64b073ea
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2364, časová značka: 0x5b7d4d22
Kód výnimky: 0xe0434352
Odstup chyby: 0x000000000002cd29
Identifikácia chybujúceho procesu: 0x4620
Čas spustenia chybujúcej aplikácie: 0x01db1706c2931a83
Cesta chybujúcej aplikácie: C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistSoftwareDiags.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: a8e9b491-51ea-4bf5-a909-e952f5a02e68
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/05/2024 11:17:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SupportAssistSoftwareDiags.exe
CoreCLR Version: 6.0.2824.12007
.NET Version: 6.0.28
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException: Safe handle has been closed.
Object name: 'SafeHandle'.
at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success)
at Interop.Kernel32.SetEvent(SafeWaitHandle handle)
at System.Threading.EventWaitHandle.Set()
at Dell.Client.Framework.Common.PluginManagerBase.Dispose(Boolean disposing)
at Dell.Client.Framework.Common.PluginManagerBase.Dispose()
at Dell.Client.Framework.Agent.Agent.Dispose(Boolean disposing)
at Dell.Client.Framework.Agent.Agent.Dispose()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.SoftwareDiagnosticsSubAgent.DisposeAgent()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.Program.CurrentDomain_ProcessExit(Object sender, EventArgs e)
at System.AppContext.OnProcessExit()
Error: (09/27/2024 07:33:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
System errors:
=============
Error: (10/09/2024 06:17:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9NH2SW16MQ7F-Microsoft.WindowsAppRuntime.1.5.
Error: (10/09/2024 06:01:52 PM) (Source: VDS Basic Provider) (EventID: 5) (User: )
Description: Cannot zero sectors on disk \\?\PhysicalDrive3. Error code: 5@0101000F
Error: (10/07/2024 09:40:06 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR17.
Error: (09/22/2024 03:18:36 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (09/22/2024 03:13:47 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Dell Client Management Service sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.
Error: (09/21/2024 02:07:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (09/19/2024 05:11:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (09/19/2024 05:10:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2024-06-09 19:47:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-08 14:46:38
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:11
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]:
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2023-11-10 19:09:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-05 20:11:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-02 14:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-16 19:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-25 14:40:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-21 15:29:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-02 19:30:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 18:11:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.27.0 07/10/2024
Motherboard: Dell Inc. 0G62VR
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 6030.26 MB
Available physical RAM: 978.38 MB
Total Virtual: 16270.26 MB
Available Virtual: 4951.64 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.9 GB) (Free:69.08 GB) (Model: PC SN530 NVMe WDC 256GB) NTFS
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:122.74 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{16f63fd2-dffb-4822-b08c-a1a256a70b0e}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{589ff040-b0c3-4716-be89-7d1153570785}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.16 GB) NTFS
\\?\Volume{7e9f1068-1485-4098-be6c-1fb3ca91f7f2}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.38 GB) NTFS
\\?\Volume{e35ca227-1a67-4280-8947-a2d904fa6c11}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61D739B2)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 8BAAD6F4)
Partition: GPT.
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: possible keylogger
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart the log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: possible keylogger
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-14-2024
# Duration: 00:00:11
# OS: Windows 10 (Build 19043.2364)
# Cleaned: 12
# Awaiting reboot:2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Users\dell\Documents\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6F51C5B-44A4-4B9C-B839-A987DEC34315}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6F51C5B-44A4-4B9C-B839-A987DEC34315}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT
*************************
AdwCleaner[S00].txt - [2972 octets] - [14/10/2024 13:05:04]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: possible keylogger
OK. Post new FRST + Addition logs.
Re: possible keylogger
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by Jojo (administrator) on DESKTOP-NJI2HDQ (Dell Inc. Vostro 15 3515) (14-10-2024 13:45:19)
Running from C:\Users\dell\Desktop\FRST64.exe
Loaded Profiles: Jojo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atieclxx.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\MountPoints2: {e7ad5aaf-55fd-11ee-82aa-f889d26372d0} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-05] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3005200C-D018-4C27-A290-33BAF8F44997} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {BF327668-B66C-4085-9EB5-8CEB64804F9A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {A8334479-7532-4FE1-ADC2-EEB2633FA11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {17566DC2-D357-4758-9A14-8CDE91DFD162} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B248BAB-A3EC-4A8B-8D54-8B04F0190FFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {367FEDAF-6C41-4A72-B36B-0E823E54FCC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE446390-8020-4288-ACA9-C7445039ABFA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\FlickLearningWipiHelper.ProxyStub => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\/U "C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\YqeufldDTMCI.dll"
Task: {1DEF3148-3249-44EA-995F-461B8F10F416} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76D5462E-E53D-4F33-9051-FF03B7558C4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F7C7A-03B5-4A23-B30C-B9A50B1FB35A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-14]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
FireFox:
========
FF DefaultProfile: wnsqvz9f.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\wnsqvz9f.default [2022-05-16]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release [2024-09-22]
FF Session Restore: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> hxxps://meet.google.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\firefox@ghostery.com.xpi [2024-09-22]
FF Extension: (Feedly Notifier) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-BOjn8b0IM7kH2w@jetpack.xpi [2023-07-23]
FF Extension: (I don't care about cookies) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2024-01-26]
FF Extension: (Language: Čeština (Czech)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2024-09-22]
FF Extension: (Visionary – Balanced) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\visionary-balanced-colorway@mozilla.org.xpi [2023-04-24]
FF Extension: (Urban VPN proxy) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\{fca67f41-776b-438a-9382-662171858615}.xpi [2024-01-26]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2024-10-14]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Session Restore: Default -> is enabled.
CHR Extension: (Tabs Backup & Restore) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2024-06-20]
CHR Extension: (Feedly Notifier) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2024-06-20]
CHR Extension: (I don't care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-14]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-14]
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-10-14]
CHR Extension: (VPN Surf - Rýchla VPN odblokovaním) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhnfcgpcbfclhfafjlooihdfghaeinfc [2024-09-21]
CHR Extension: (Enable local file links) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikfmfgobenbhmocjaaboihbeocackld [2024-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-20]
Brave:
=======
BRA Profile: C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-09-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-18]
BRA Extension: (Brave NTP background images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2024-09-18]
BRA Extension: (Brave Ads Resources) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\obponfmfefkaeehakbehbnnlcbebebhd [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203440 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57832 2024-07-15] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51936 2024-07-19] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2080120 2024-06-04] (IndiLogic LLC -> Dell Inc.)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b7f9dde45e4b9cdd\AS\IAS\IntelAudioService.exe [537984 2021-04-02] (Smart Sound Technology -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\Windows\System32\drivers\GoodixSessionService.exe [45344 2024-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22548280 2024-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\amdkmdag.sys [106388072 2024-05-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [35792 2020-09-01] (Dell Inc -> OSR Open Systems Resources, Inc.)
R3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [142272 2024-03-25] (IndiLogic LLC -> Dell Inc.)
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [137040 2021-01-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-11-28] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\dell\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 fuvcfgrc; \??\C:\Windows\system32\drivers\fuvcfgrc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 13:35 - 2024-10-14 13:35 - 000000000 _____ C:\Windows\invcol.tmp
2024-10-14 13:04 - 2024-10-14 13:06 - 000000000 ____D C:\AdwCleaner
2024-10-14 13:03 - 2024-10-14 13:03 - 008790880 _____ (Malwarebytes) C:\Users\dell\Desktop\adwcleaner.exe
2024-10-12 21:58 - 2024-10-12 21:59 - 000050795 _____ C:\Users\dell\Desktop\Addition.txt
2024-10-12 21:56 - 2024-10-14 13:45 - 000026607 _____ C:\Users\dell\Desktop\FRST.txt
2024-10-12 21:55 - 2024-10-14 13:45 - 000000000 ____D C:\FRST
2024-10-12 21:53 - 2024-10-12 21:53 - 002397696 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2024-10-12 21:49 - 2024-10-12 21:49 - 000388608 _____ (Trend Micro Inc.) C:\Users\dell\Downloads\hijackthis.exe
2024-10-12 21:47 - 2024-10-12 21:47 - 000000000 ____D C:\Windows\LastGood
2024-10-11 23:39 - 2024-10-11 23:39 - 000169478 _____ C:\Users\dell\Downloads\priloha_1424560888_0_zprava.pdf
2024-10-11 23:35 - 2024-10-12 21:45 - 000000020 _____ C:\Users\dell\Desktop\datovka.txt
2024-10-09 14:00 - 2024-10-09 14:00 - 000662438 _____ C:\Users\dell\Downloads\AIR-Vozidlo.pdf
2024-10-06 15:36 - 2024-10-06 15:36 - 000001614 _____ C:\Users\dell\Desktop\e61 moja vybava.txt
2024-10-05 18:17 - 2024-10-05 18:17 - 000397384 _____ C:\Users\dell\Downloads\Junkers-TRQ-21-W-B-Installations-u-Bedienungsanleitung.pdf
2024-09-27 19:30 - 2024-09-27 19:30 - 000052247 _____ C:\Users\dell\Downloads\The-Secret-of-Kells(0000162623).srt
2024-09-24 13:28 - 2024-09-24 13:36 - 000000000 ____D C:\Users\dell\Desktop\mp3
2024-09-24 13:20 - 2017-12-29 14:36 - 977387520 _____ C:\Users\dell\Desktop\The Secret of Kells (2009) BRRip Xvid orig zneni 720x400.avi
2024-09-24 13:05 - 2024-09-24 13:05 - 000001203 _____ C:\Users\dell\Desktop\SubtitleEdit – odkaz.lnk
2024-09-24 12:53 - 2024-09-24 13:14 - 000000000 ____D C:\Users\dell\Downloads\SE408
2024-09-24 12:52 - 2024-09-24 12:52 - 012190758 _____ C:\Users\dell\Downloads\SE408.zip
2024-09-24 12:45 - 2024-09-24 12:45 - 000012880 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000033369).zip
2024-09-24 12:38 - 2024-09-24 13:14 - 000038846 _____ C:\Users\dell\Downloads\Doctor Who S01E01.srt
2024-09-24 12:38 - 2024-09-24 12:38 - 000016801 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000110515).zip
2024-09-22 13:09 - 2024-09-22 13:10 - 000000000 ____D C:\Program Files\Java
2024-09-22 13:09 - 2024-06-05 13:24 - 000213120 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-09-22 13:09 - 2024-06-05 13:24 - 000178816 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-09-22 12:30 - 2024-09-22 12:30 - 000000000 ____D C:\Windows\{15DA82A3-B124-45FA-A87D-51DB76178223}
2024-09-22 12:01 - 2024-09-22 12:01 - 000000000 ____D C:\Users\dell\Downloads\The Witches of Eastwick 1987 BDRip 1080p DTS multisub-HighCode
2024-09-21 19:03 - 2024-09-21 19:03 - 000084084 _____ C:\Users\dell\Desktop\Magicka-posedlost(0000057817).srt
2024-09-21 19:01 - 2024-09-21 19:01 - 000084084 _____ C:\Users\dell\Desktop\Practical-Magic(0000122609).srt
2024-09-21 18:58 - 2024-10-12 22:37 - 000000000 ____D C:\Users\dell\Downloads\[ www.Torrenting.com ] - Practical.Magic.1998.iNTERNAL.DVDRip.XviD-8BaLLRiPS
2024-09-18 11:51 - 2024-09-18 11:51 - 000000000 ____D C:\Users\dell\AppData\Local\BraveSoftware
2024-09-18 11:49 - 2024-09-18 11:50 - 001276712 _____ (BraveSoftware Inc.) C:\Users\dell\Downloads\BraveBrowserSetup-BRV010.exe
2024-09-17 23:14 - 2024-09-17 23:14 - 000119288 _____ C:\Users\dell\Downloads\Splnomocnenie pdf.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 13:44 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-14 13:33 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-14 13:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-14 13:26 - 2021-09-14 20:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-10-14 13:14 - 2021-09-14 20:35 - 000683504 _____ C:\Windows\system32\perfh005.dat
2024-10-14 13:14 - 2021-09-14 20:35 - 000137284 _____ C:\Windows\system32\perfc005.dat
2024-10-14 13:14 - 2021-09-14 20:05 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-14 13:14 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-14 13:09 - 2024-03-22 15:39 - 000000000 ____D C:\Program Files\TeamViewer
2024-10-14 13:09 - 2021-09-14 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-14 13:09 - 2021-09-14 19:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-14 13:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-10-14 13:08 - 2022-06-21 21:10 - 000000000 ____D C:\Windows\SystemTemp
2024-10-14 13:08 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-14 13:07 - 2021-09-14 20:19 - 000000000 ____D C:\ProgramData\Dell
2024-10-14 13:06 - 2022-05-18 14:53 - 000000000 ____D C:\Users\dell\Documents\Dell
2024-10-12 22:38 - 2022-05-21 23:43 - 000000000 ____D C:\Users\dell\Desktop\RevoUninstaller_Portable
2024-10-12 22:37 - 2024-06-18 22:36 - 000000000 ____D C:\Users\dell\AppData\Roaming\utorrent
2024-10-12 22:37 - 2021-09-14 19:58 - 000000000 ____D C:\ProgramData\Goodix
2024-10-12 22:32 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2024-10-12 22:26 - 2024-02-11 15:41 - 000000000 ____D C:\Program Files (x86)\Lovato
2024-10-12 22:22 - 2022-05-16 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-12 22:21 - 2023-01-28 17:11 - 000000000 ____D C:\Users\dell\AppData\Roaming\Samsung
2024-10-12 22:20 - 2023-01-28 17:10 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-10-12 22:20 - 2022-05-18 16:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-10-12 21:50 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\VirtualStore
2024-10-12 15:59 - 2021-09-14 20:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-11 23:34 - 2024-08-04 17:27 - 000000000 ____D C:\Users\dell\Desktop\valce
2024-10-10 18:06 - 2021-09-14 20:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 18:06 - 2021-09-14 20:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 14:02 - 2023-01-19 10:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-10-28 11:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-05-16 12:10 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-05 18:15 - 2024-06-20 18:11 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-05 18:15 - 2024-06-20 18:11 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-01 20:10 - 2022-12-07 21:01 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2024-09-22 13:09 - 2023-05-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-09-22 13:09 - 2023-01-07 01:03 - 000000000 ____D C:\Program Files (x86)\Java
2024-09-22 12:43 - 2023-01-02 18:13 - 000000000 ____D C:\Users\dell\AppData\Local\BitTorrentHelper
2024-09-22 12:32 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files (x86)\Dell
2024-09-22 12:31 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files\Dell
2024-09-18 19:27 - 2023-01-02 18:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-17 23:14 - 2022-10-28 10:50 - 000000000 ____D C:\Users\dell\AppData\Roaming\com.adobe.dunamis
2024-09-17 23:14 - 2022-05-18 14:35 - 000000000 ____D C:\Users\dell\AppData\Roaming\Microsoft\Word
2024-09-17 23:14 - 2022-05-16 12:05 - 000000000 ____D C:\Users\dell\AppData\Local\Adobe
2024-09-17 23:14 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Roaming\Adobe
2024-09-17 15:42 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (14-10-2024 13:46:35)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) (2022-05-08 14:05:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3623039732-264876851-2668231124-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623039732-264876851-2668231124-503 - Limited - Disabled)
Guest (S-1-5-21-3623039732-264876851-2668231124-501 - Limited - Disabled)
Jojo (S-1-5-21-3623039732-264876851-2668231124-1001 - Administrator - Enabled) => C:\Users\dell
WDAGUtilityAccount (S-1-5-21-3623039732-264876851-2668231124-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BMW Group ISTA (HKLM-x32\...\{FD79F009-F13C-4722-A0EC-5F342E584F7D}_is1) (Version: 4.25.32 - BMW AG)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
Dell Digital Delivery Services (HKLM-x32\...\{7B4345F5-8B57-4716-B159-8A779BA8F8B0}) (Version: 5.2.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{1B2B45BE-37F7-4263-9262-B183735BF5A4}) (Version: 4.1.8330 - Screenovate Technologies Ltd.)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
Fingerprint Sensor Driver (HKLM-x32\...\{D9C19E6E-4403-4DDF-B290-ECFAE2072FF9}) (Version: 20.6.0.7 - Realtek Semiconductor Corp.)
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Microchip LAN9500 Device Driver (HKLM\...\{9387F7BF-D949-4421-89DA-D75A053F5E91}) (Version: 18.12.18.0 - Microchip Technology Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9597.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 19.237.0255 - REALTEK Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.58.4 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.2.0.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-02-28] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-06-19] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-22] (Dell Inc)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2022-05-08] (Dell Inc)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0 [2024-10-14] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2021 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2021_4.0.53.0_x64__fh4rh281wavaa [2022-05-16] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-10] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dell\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_351-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\ediabas\bin;C:\EDIABAS\BIN\;C:\Program Files\dotnet\
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1600687.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66E08516-DDF2-49B8-93AE-FB10232678D4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E8AB8300-A5C7-4C0A-AFCC-A07967E4EDAC}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [TCP Query User{25325BF3-F629-4166-9696-4B5FB15F616C}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B869B1AE-7EDD-4EA8-BB4C-99C1FFDFD841}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{935F1E78-EDFE-43AE-A80C-6AAAC0835089}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CEA971-CB05-483C-9E05-0B2F11EFA627}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A7D221-C687-4F9A-B8C1-3F5607C27E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A8F0175-04F4-498E-BEDB-E740007D23CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9B9700-2E2B-4EC4-8325-A040997C139C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A5B325-E6A4-48EC-B974-0C69F92E3F73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19F5C229-04F8-45F6-BD7F-265F8E07E5E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAE62089-23FD-4EEB-A490-E46CAE32228E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E2A9698-4E53-4054-9F02-9DD65F8A025D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{845A18F2-5CF4-4C85-A21C-6CB225191A15}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [UDP Query User{8ECA7DA8-E812-457F-98DC-BB3C7B51980A}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [{CC0AEC8E-A2BB-4F98-98CC-7E7A420D0A36}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B59326B-925A-47E0-8098-B15A5FC849AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81230130-5970-49EA-AE5B-9F8CC3AC4238}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1739BB72-28FD-4357-BA4A-0D0A3BB732E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C1B99B7A-D337-40BE-9CBA-6CD6DD8F0492}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E22928CD-9FDB-40DA-8E54-DD7D306FA2B5}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4EDC5CE6-97DE-4615-9616-D0AE3BEDE7BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECF8A0E9-C772-4A3D-B885-104E4E85E828}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53C6688-A7B1-4639-9B9A-F0C4FC055405}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FEDD703-65A1-430E-874C-6901E1ECA155}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9DD3721-E226-4EE5-BCCB-9D7C1EE40DEC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA893D8C-294F-44CB-A5CC-8D89A26E299C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{377FD51D-EF66-4796-8C61-AE0BDD72F037}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61B46162-A5CE-4156-AF0C-8D6F7E9FCE8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07EDF130-C2EB-4CAE-B555-A9D79DD4A9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{829ADFBF-F883-45B8-A618-5161AE5FE4C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A301F200-0F6C-4B62-8DF6-C27CCCB135C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A6E71988-F0AB-4F06-B336-5A313BAE52DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6C76D63C-1CEF-47C3-A852-4826E968C250}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6679DA47-FFE9-40EB-9977-9BC062B6EC38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF56920E-B9C4-4BB1-AE77-050B2376287F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB010172-C9DD-491E-BB8F-8444DD9E877F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
12-10-2024 21:46:59 Windows Update
12-10-2024 22:15:58 Revo Uninstaller's restore point - Brave
12-10-2024 22:17:29 Revo Uninstaller's restore point - DuplicateFileFinder 2.4.4.128
12-10-2024 22:18:36 Revo Uninstaller's restore point - Orion by ESTECH
12-10-2024 22:19:27 Revo Uninstaller's restore point - Zoom
12-10-2024 22:20:17 Revo Uninstaller's restore point - Smart Switch
12-10-2024 22:21:40 Revo Uninstaller's restore point - Mozilla Firefox (x64 en-US)
12-10-2024 22:22:33 Revo Uninstaller's restore point - Microsoft OneDrive
12-10-2024 22:24:33 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.3
12-10-2024 22:25:20 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.6 SS
12-10-2024 22:26:02 Revo Uninstaller's restore point - Lovato Easy Fast 1.6.0
12-10-2024 22:26:57 Revo Uninstaller's restore point - Lovato Easy Fast S
12-10-2024 22:28:21 Revo Uninstaller's restore point - Lovato Easy Fast 1.8.1 E
12-10-2024 22:29:19 Revo Uninstaller's restore point - Xbox Game bar
12-10-2024 22:29:49 Revo Uninstaller's restore point - Xbox Game Speech Window
12-10-2024 22:30:30 Revo Uninstaller's restore point - Game Bar
12-10-2024 22:31:38 Revo Uninstaller's restore point - Xbox Identity Provider
14-10-2024 13:06:03 AdwCleaner_BeforeCleaning_14/10/2024_13:06:03
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/12/2024 10:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: haspdinst_x64.exe, verzia: 5.95.17162.1, časová značka: 0x4cbed4fe
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000000000
Identifikácia chybujúceho procesu: 0x3ef0
Čas spustenia chybujúcej aplikácie: 0x01db1ce4fd516515
Cesta chybujúcej aplikácie: C:\Users\dell\AppData\Local\Temp\haspdinst_x64.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: f8563c8a-0c1e-469c-91e3-35daeec073dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/10/2024 07:22:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:02:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5554
Start Time: 01db1b320eeef16e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Report Id: e457b499-7c21-40b2-973e-11df253a5a05
Faulting package full name: 5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/06/2024 03:13:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/06/2024 03:01:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/05/2024 11:17:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SupportAssistSoftwareDiags.exe, verzia: 4.0.3.61632, časová značka: 0x64b073ea
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2364, časová značka: 0x5b7d4d22
Kód výnimky: 0xe0434352
Odstup chyby: 0x000000000002cd29
Identifikácia chybujúceho procesu: 0x4620
Čas spustenia chybujúcej aplikácie: 0x01db1706c2931a83
Cesta chybujúcej aplikácie: C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistSoftwareDiags.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: a8e9b491-51ea-4bf5-a909-e952f5a02e68
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/05/2024 11:17:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SupportAssistSoftwareDiags.exe
CoreCLR Version: 6.0.2824.12007
.NET Version: 6.0.28
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException: Safe handle has been closed.
Object name: 'SafeHandle'.
at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success)
at Interop.Kernel32.SetEvent(SafeWaitHandle handle)
at System.Threading.EventWaitHandle.Set()
at Dell.Client.Framework.Common.PluginManagerBase.Dispose(Boolean disposing)
at Dell.Client.Framework.Common.PluginManagerBase.Dispose()
at Dell.Client.Framework.Agent.Agent.Dispose(Boolean disposing)
at Dell.Client.Framework.Agent.Agent.Dispose()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.SoftwareDiagnosticsSubAgent.DisposeAgent()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.Program.CurrentDomain_ProcessExit(Object sender, EventArgs e)
at System.AppContext.OnProcessExit()
System errors:
=============
Error: (10/14/2024 01:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Remediation zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/14/2024 01:09:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (10/14/2024 01:07:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Dell Client Management Service sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.
Error: (10/14/2024 01:06:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service BITS with arguments "Není k dispozici" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (10/14/2024 01:06:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Remediation zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/14/2024 01:06:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Processor sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Error: (10/14/2024 01:06:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Waves Audio Services sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/14/2024 01:06:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Windows Defender:
================
Date: 2024-06-09 19:47:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-08 14:46:38
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:11
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]:
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2023-11-10 19:09:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-05 20:11:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-02 14:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-16 19:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-25 14:40:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-21 15:29:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-02 19:30:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 18:11:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.27.0 07/10/2024
Motherboard: Dell Inc. 0G62VR
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 49%
Total physical RAM: 6030.26 MB
Available physical RAM: 3019.28 MB
Total Virtual: 16270.26 MB
Available Virtual: 10557.04 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.9 GB) (Free:72.12 GB) (Model: PC SN530 NVMe WDC 256GB) NTFS
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:142.44 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{16f63fd2-dffb-4822-b08c-a1a256a70b0e}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{589ff040-b0c3-4716-be89-7d1153570785}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.16 GB) NTFS
\\?\Volume{7e9f1068-1485-4098-be6c-1fb3ca91f7f2}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.38 GB) NTFS
\\?\Volume{e35ca227-1a67-4280-8947-a2d904fa6c11}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61D739B2)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 8BAAD6F4)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Jojo (administrator) on DESKTOP-NJI2HDQ (Dell Inc. Vostro 15 3515) (14-10-2024 13:45:19)
Running from C:\Users\dell\Desktop\FRST64.exe
Loaded Profiles: Jojo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atieclxx.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\MountPoints2: {e7ad5aaf-55fd-11ee-82aa-f889d26372d0} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-05] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3005200C-D018-4C27-A290-33BAF8F44997} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {BF327668-B66C-4085-9EB5-8CEB64804F9A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {A8334479-7532-4FE1-ADC2-EEB2633FA11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {17566DC2-D357-4758-9A14-8CDE91DFD162} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B248BAB-A3EC-4A8B-8D54-8B04F0190FFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {367FEDAF-6C41-4A72-B36B-0E823E54FCC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE446390-8020-4288-ACA9-C7445039ABFA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\FlickLearningWipiHelper.ProxyStub => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\/U "C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\YqeufldDTMCI.dll"
Task: {1DEF3148-3249-44EA-995F-461B8F10F416} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76D5462E-E53D-4F33-9051-FF03B7558C4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F7C7A-03B5-4A23-B30C-B9A50B1FB35A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-14]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
FireFox:
========
FF DefaultProfile: wnsqvz9f.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\wnsqvz9f.default [2022-05-16]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release [2024-09-22]
FF Session Restore: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> hxxps://meet.google.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\firefox@ghostery.com.xpi [2024-09-22]
FF Extension: (Feedly Notifier) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-BOjn8b0IM7kH2w@jetpack.xpi [2023-07-23]
FF Extension: (I don't care about cookies) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2024-01-26]
FF Extension: (Language: Čeština (Czech)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2024-09-22]
FF Extension: (Visionary – Balanced) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\visionary-balanced-colorway@mozilla.org.xpi [2023-04-24]
FF Extension: (Urban VPN proxy) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\{fca67f41-776b-438a-9382-662171858615}.xpi [2024-01-26]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2024-10-14]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Session Restore: Default -> is enabled.
CHR Extension: (Tabs Backup & Restore) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2024-06-20]
CHR Extension: (Feedly Notifier) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2024-06-20]
CHR Extension: (I don't care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-14]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-14]
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-10-14]
CHR Extension: (VPN Surf - Rýchla VPN odblokovaním) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhnfcgpcbfclhfafjlooihdfghaeinfc [2024-09-21]
CHR Extension: (Enable local file links) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikfmfgobenbhmocjaaboihbeocackld [2024-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-20]
Brave:
=======
BRA Profile: C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-09-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-18]
BRA Extension: (Brave NTP background images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2024-09-18]
BRA Extension: (Brave Ads Resources) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\obponfmfefkaeehakbehbnnlcbebebhd [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203440 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57832 2024-07-15] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51936 2024-07-19] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2080120 2024-06-04] (IndiLogic LLC -> Dell Inc.)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b7f9dde45e4b9cdd\AS\IAS\IntelAudioService.exe [537984 2021-04-02] (Smart Sound Technology -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\Windows\System32\drivers\GoodixSessionService.exe [45344 2024-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22548280 2024-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\amdkmdag.sys [106388072 2024-05-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [35792 2020-09-01] (Dell Inc -> OSR Open Systems Resources, Inc.)
R3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [142272 2024-03-25] (IndiLogic LLC -> Dell Inc.)
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [137040 2021-01-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-11-28] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\dell\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 fuvcfgrc; \??\C:\Windows\system32\drivers\fuvcfgrc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 13:35 - 2024-10-14 13:35 - 000000000 _____ C:\Windows\invcol.tmp
2024-10-14 13:04 - 2024-10-14 13:06 - 000000000 ____D C:\AdwCleaner
2024-10-14 13:03 - 2024-10-14 13:03 - 008790880 _____ (Malwarebytes) C:\Users\dell\Desktop\adwcleaner.exe
2024-10-12 21:58 - 2024-10-12 21:59 - 000050795 _____ C:\Users\dell\Desktop\Addition.txt
2024-10-12 21:56 - 2024-10-14 13:45 - 000026607 _____ C:\Users\dell\Desktop\FRST.txt
2024-10-12 21:55 - 2024-10-14 13:45 - 000000000 ____D C:\FRST
2024-10-12 21:53 - 2024-10-12 21:53 - 002397696 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2024-10-12 21:49 - 2024-10-12 21:49 - 000388608 _____ (Trend Micro Inc.) C:\Users\dell\Downloads\hijackthis.exe
2024-10-12 21:47 - 2024-10-12 21:47 - 000000000 ____D C:\Windows\LastGood
2024-10-11 23:39 - 2024-10-11 23:39 - 000169478 _____ C:\Users\dell\Downloads\priloha_1424560888_0_zprava.pdf
2024-10-11 23:35 - 2024-10-12 21:45 - 000000020 _____ C:\Users\dell\Desktop\datovka.txt
2024-10-09 14:00 - 2024-10-09 14:00 - 000662438 _____ C:\Users\dell\Downloads\AIR-Vozidlo.pdf
2024-10-06 15:36 - 2024-10-06 15:36 - 000001614 _____ C:\Users\dell\Desktop\e61 moja vybava.txt
2024-10-05 18:17 - 2024-10-05 18:17 - 000397384 _____ C:\Users\dell\Downloads\Junkers-TRQ-21-W-B-Installations-u-Bedienungsanleitung.pdf
2024-09-27 19:30 - 2024-09-27 19:30 - 000052247 _____ C:\Users\dell\Downloads\The-Secret-of-Kells(0000162623).srt
2024-09-24 13:28 - 2024-09-24 13:36 - 000000000 ____D C:\Users\dell\Desktop\mp3
2024-09-24 13:20 - 2017-12-29 14:36 - 977387520 _____ C:\Users\dell\Desktop\The Secret of Kells (2009) BRRip Xvid orig zneni 720x400.avi
2024-09-24 13:05 - 2024-09-24 13:05 - 000001203 _____ C:\Users\dell\Desktop\SubtitleEdit – odkaz.lnk
2024-09-24 12:53 - 2024-09-24 13:14 - 000000000 ____D C:\Users\dell\Downloads\SE408
2024-09-24 12:52 - 2024-09-24 12:52 - 012190758 _____ C:\Users\dell\Downloads\SE408.zip
2024-09-24 12:45 - 2024-09-24 12:45 - 000012880 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000033369).zip
2024-09-24 12:38 - 2024-09-24 13:14 - 000038846 _____ C:\Users\dell\Downloads\Doctor Who S01E01.srt
2024-09-24 12:38 - 2024-09-24 12:38 - 000016801 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000110515).zip
2024-09-22 13:09 - 2024-09-22 13:10 - 000000000 ____D C:\Program Files\Java
2024-09-22 13:09 - 2024-06-05 13:24 - 000213120 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-09-22 13:09 - 2024-06-05 13:24 - 000178816 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-09-22 12:30 - 2024-09-22 12:30 - 000000000 ____D C:\Windows\{15DA82A3-B124-45FA-A87D-51DB76178223}
2024-09-22 12:01 - 2024-09-22 12:01 - 000000000 ____D C:\Users\dell\Downloads\The Witches of Eastwick 1987 BDRip 1080p DTS multisub-HighCode
2024-09-21 19:03 - 2024-09-21 19:03 - 000084084 _____ C:\Users\dell\Desktop\Magicka-posedlost(0000057817).srt
2024-09-21 19:01 - 2024-09-21 19:01 - 000084084 _____ C:\Users\dell\Desktop\Practical-Magic(0000122609).srt
2024-09-21 18:58 - 2024-10-12 22:37 - 000000000 ____D C:\Users\dell\Downloads\[ www.Torrenting.com ] - Practical.Magic.1998.iNTERNAL.DVDRip.XviD-8BaLLRiPS
2024-09-18 11:51 - 2024-09-18 11:51 - 000000000 ____D C:\Users\dell\AppData\Local\BraveSoftware
2024-09-18 11:49 - 2024-09-18 11:50 - 001276712 _____ (BraveSoftware Inc.) C:\Users\dell\Downloads\BraveBrowserSetup-BRV010.exe
2024-09-17 23:14 - 2024-09-17 23:14 - 000119288 _____ C:\Users\dell\Downloads\Splnomocnenie pdf.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 13:44 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-14 13:33 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-14 13:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-14 13:26 - 2021-09-14 20:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-10-14 13:14 - 2021-09-14 20:35 - 000683504 _____ C:\Windows\system32\perfh005.dat
2024-10-14 13:14 - 2021-09-14 20:35 - 000137284 _____ C:\Windows\system32\perfc005.dat
2024-10-14 13:14 - 2021-09-14 20:05 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-14 13:14 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-14 13:09 - 2024-03-22 15:39 - 000000000 ____D C:\Program Files\TeamViewer
2024-10-14 13:09 - 2021-09-14 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-14 13:09 - 2021-09-14 19:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-14 13:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-10-14 13:08 - 2022-06-21 21:10 - 000000000 ____D C:\Windows\SystemTemp
2024-10-14 13:08 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-14 13:07 - 2021-09-14 20:19 - 000000000 ____D C:\ProgramData\Dell
2024-10-14 13:06 - 2022-05-18 14:53 - 000000000 ____D C:\Users\dell\Documents\Dell
2024-10-12 22:38 - 2022-05-21 23:43 - 000000000 ____D C:\Users\dell\Desktop\RevoUninstaller_Portable
2024-10-12 22:37 - 2024-06-18 22:36 - 000000000 ____D C:\Users\dell\AppData\Roaming\utorrent
2024-10-12 22:37 - 2021-09-14 19:58 - 000000000 ____D C:\ProgramData\Goodix
2024-10-12 22:32 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2024-10-12 22:26 - 2024-02-11 15:41 - 000000000 ____D C:\Program Files (x86)\Lovato
2024-10-12 22:22 - 2022-05-16 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-12 22:21 - 2023-01-28 17:11 - 000000000 ____D C:\Users\dell\AppData\Roaming\Samsung
2024-10-12 22:20 - 2023-01-28 17:10 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-10-12 22:20 - 2022-05-18 16:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-10-12 21:50 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\VirtualStore
2024-10-12 15:59 - 2021-09-14 20:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-11 23:34 - 2024-08-04 17:27 - 000000000 ____D C:\Users\dell\Desktop\valce
2024-10-10 18:06 - 2021-09-14 20:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 18:06 - 2021-09-14 20:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 14:02 - 2023-01-19 10:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-10-28 11:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-05-16 12:10 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-05 18:15 - 2024-06-20 18:11 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-05 18:15 - 2024-06-20 18:11 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-01 20:10 - 2022-12-07 21:01 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2024-09-22 13:09 - 2023-05-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-09-22 13:09 - 2023-01-07 01:03 - 000000000 ____D C:\Program Files (x86)\Java
2024-09-22 12:43 - 2023-01-02 18:13 - 000000000 ____D C:\Users\dell\AppData\Local\BitTorrentHelper
2024-09-22 12:32 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files (x86)\Dell
2024-09-22 12:31 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files\Dell
2024-09-18 19:27 - 2023-01-02 18:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-17 23:14 - 2022-10-28 10:50 - 000000000 ____D C:\Users\dell\AppData\Roaming\com.adobe.dunamis
2024-09-17 23:14 - 2022-05-18 14:35 - 000000000 ____D C:\Users\dell\AppData\Roaming\Microsoft\Word
2024-09-17 23:14 - 2022-05-16 12:05 - 000000000 ____D C:\Users\dell\AppData\Local\Adobe
2024-09-17 23:14 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Roaming\Adobe
2024-09-17 15:42 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (14-10-2024 13:46:35)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) (2022-05-08 14:05:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3623039732-264876851-2668231124-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623039732-264876851-2668231124-503 - Limited - Disabled)
Guest (S-1-5-21-3623039732-264876851-2668231124-501 - Limited - Disabled)
Jojo (S-1-5-21-3623039732-264876851-2668231124-1001 - Administrator - Enabled) => C:\Users\dell
WDAGUtilityAccount (S-1-5-21-3623039732-264876851-2668231124-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BMW Group ISTA (HKLM-x32\...\{FD79F009-F13C-4722-A0EC-5F342E584F7D}_is1) (Version: 4.25.32 - BMW AG)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
Dell Digital Delivery Services (HKLM-x32\...\{7B4345F5-8B57-4716-B159-8A779BA8F8B0}) (Version: 5.2.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{1B2B45BE-37F7-4263-9262-B183735BF5A4}) (Version: 4.1.8330 - Screenovate Technologies Ltd.)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
Fingerprint Sensor Driver (HKLM-x32\...\{D9C19E6E-4403-4DDF-B290-ECFAE2072FF9}) (Version: 20.6.0.7 - Realtek Semiconductor Corp.)
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Microchip LAN9500 Device Driver (HKLM\...\{9387F7BF-D949-4421-89DA-D75A053F5E91}) (Version: 18.12.18.0 - Microchip Technology Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9597.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 19.237.0255 - REALTEK Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.58.4 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.2.0.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-02-28] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-06-19] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-22] (Dell Inc)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2022-05-08] (Dell Inc)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0 [2024-10-14] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2021 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2021_4.0.53.0_x64__fh4rh281wavaa [2022-05-16] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-10] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dell\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_351-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\ediabas\bin;C:\EDIABAS\BIN\;C:\Program Files\dotnet\
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1600687.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66E08516-DDF2-49B8-93AE-FB10232678D4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E8AB8300-A5C7-4C0A-AFCC-A07967E4EDAC}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [TCP Query User{25325BF3-F629-4166-9696-4B5FB15F616C}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B869B1AE-7EDD-4EA8-BB4C-99C1FFDFD841}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{935F1E78-EDFE-43AE-A80C-6AAAC0835089}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CEA971-CB05-483C-9E05-0B2F11EFA627}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A7D221-C687-4F9A-B8C1-3F5607C27E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A8F0175-04F4-498E-BEDB-E740007D23CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9B9700-2E2B-4EC4-8325-A040997C139C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A5B325-E6A4-48EC-B974-0C69F92E3F73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19F5C229-04F8-45F6-BD7F-265F8E07E5E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAE62089-23FD-4EEB-A490-E46CAE32228E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E2A9698-4E53-4054-9F02-9DD65F8A025D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{845A18F2-5CF4-4C85-A21C-6CB225191A15}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [UDP Query User{8ECA7DA8-E812-457F-98DC-BB3C7B51980A}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [{CC0AEC8E-A2BB-4F98-98CC-7E7A420D0A36}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B59326B-925A-47E0-8098-B15A5FC849AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81230130-5970-49EA-AE5B-9F8CC3AC4238}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1739BB72-28FD-4357-BA4A-0D0A3BB732E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C1B99B7A-D337-40BE-9CBA-6CD6DD8F0492}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E22928CD-9FDB-40DA-8E54-DD7D306FA2B5}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4EDC5CE6-97DE-4615-9616-D0AE3BEDE7BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECF8A0E9-C772-4A3D-B885-104E4E85E828}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53C6688-A7B1-4639-9B9A-F0C4FC055405}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FEDD703-65A1-430E-874C-6901E1ECA155}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9DD3721-E226-4EE5-BCCB-9D7C1EE40DEC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA893D8C-294F-44CB-A5CC-8D89A26E299C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{377FD51D-EF66-4796-8C61-AE0BDD72F037}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61B46162-A5CE-4156-AF0C-8D6F7E9FCE8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07EDF130-C2EB-4CAE-B555-A9D79DD4A9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{829ADFBF-F883-45B8-A618-5161AE5FE4C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A301F200-0F6C-4B62-8DF6-C27CCCB135C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A6E71988-F0AB-4F06-B336-5A313BAE52DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6C76D63C-1CEF-47C3-A852-4826E968C250}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6679DA47-FFE9-40EB-9977-9BC062B6EC38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF56920E-B9C4-4BB1-AE77-050B2376287F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB010172-C9DD-491E-BB8F-8444DD9E877F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
12-10-2024 21:46:59 Windows Update
12-10-2024 22:15:58 Revo Uninstaller's restore point - Brave
12-10-2024 22:17:29 Revo Uninstaller's restore point - DuplicateFileFinder 2.4.4.128
12-10-2024 22:18:36 Revo Uninstaller's restore point - Orion by ESTECH
12-10-2024 22:19:27 Revo Uninstaller's restore point - Zoom
12-10-2024 22:20:17 Revo Uninstaller's restore point - Smart Switch
12-10-2024 22:21:40 Revo Uninstaller's restore point - Mozilla Firefox (x64 en-US)
12-10-2024 22:22:33 Revo Uninstaller's restore point - Microsoft OneDrive
12-10-2024 22:24:33 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.3
12-10-2024 22:25:20 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.6 SS
12-10-2024 22:26:02 Revo Uninstaller's restore point - Lovato Easy Fast 1.6.0
12-10-2024 22:26:57 Revo Uninstaller's restore point - Lovato Easy Fast S
12-10-2024 22:28:21 Revo Uninstaller's restore point - Lovato Easy Fast 1.8.1 E
12-10-2024 22:29:19 Revo Uninstaller's restore point - Xbox Game bar
12-10-2024 22:29:49 Revo Uninstaller's restore point - Xbox Game Speech Window
12-10-2024 22:30:30 Revo Uninstaller's restore point - Game Bar
12-10-2024 22:31:38 Revo Uninstaller's restore point - Xbox Identity Provider
14-10-2024 13:06:03 AdwCleaner_BeforeCleaning_14/10/2024_13:06:03
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/12/2024 10:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: haspdinst_x64.exe, verzia: 5.95.17162.1, časová značka: 0x4cbed4fe
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000000000
Identifikácia chybujúceho procesu: 0x3ef0
Čas spustenia chybujúcej aplikácie: 0x01db1ce4fd516515
Cesta chybujúcej aplikácie: C:\Users\dell\AppData\Local\Temp\haspdinst_x64.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: f8563c8a-0c1e-469c-91e3-35daeec073dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/10/2024 07:22:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:02:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5554
Start Time: 01db1b320eeef16e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Report Id: e457b499-7c21-40b2-973e-11df253a5a05
Faulting package full name: 5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/06/2024 03:13:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/06/2024 03:01:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/05/2024 11:17:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SupportAssistSoftwareDiags.exe, verzia: 4.0.3.61632, časová značka: 0x64b073ea
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2364, časová značka: 0x5b7d4d22
Kód výnimky: 0xe0434352
Odstup chyby: 0x000000000002cd29
Identifikácia chybujúceho procesu: 0x4620
Čas spustenia chybujúcej aplikácie: 0x01db1706c2931a83
Cesta chybujúcej aplikácie: C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistSoftwareDiags.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: a8e9b491-51ea-4bf5-a909-e952f5a02e68
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/05/2024 11:17:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SupportAssistSoftwareDiags.exe
CoreCLR Version: 6.0.2824.12007
.NET Version: 6.0.28
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException: Safe handle has been closed.
Object name: 'SafeHandle'.
at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success)
at Interop.Kernel32.SetEvent(SafeWaitHandle handle)
at System.Threading.EventWaitHandle.Set()
at Dell.Client.Framework.Common.PluginManagerBase.Dispose(Boolean disposing)
at Dell.Client.Framework.Common.PluginManagerBase.Dispose()
at Dell.Client.Framework.Agent.Agent.Dispose(Boolean disposing)
at Dell.Client.Framework.Agent.Agent.Dispose()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.SoftwareDiagnosticsSubAgent.DisposeAgent()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.Program.CurrentDomain_ProcessExit(Object sender, EventArgs e)
at System.AppContext.OnProcessExit()
System errors:
=============
Error: (10/14/2024 01:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Remediation zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/14/2024 01:09:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (10/14/2024 01:07:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Dell Client Management Service sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.
Error: (10/14/2024 01:06:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service BITS with arguments "Není k dispozici" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (10/14/2024 01:06:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Remediation zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/14/2024 01:06:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Processor sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Error: (10/14/2024 01:06:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Waves Audio Services sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/14/2024 01:06:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Windows Defender:
================
Date: 2024-06-09 19:47:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-08 14:46:38
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:11
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]:
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2023-11-10 19:09:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-05 20:11:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-02 14:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-16 19:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-25 14:40:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-21 15:29:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-02 19:30:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 18:11:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.27.0 07/10/2024
Motherboard: Dell Inc. 0G62VR
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 49%
Total physical RAM: 6030.26 MB
Available physical RAM: 3019.28 MB
Total Virtual: 16270.26 MB
Available Virtual: 10557.04 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.9 GB) (Free:72.12 GB) (Model: PC SN530 NVMe WDC 256GB) NTFS
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:142.44 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{16f63fd2-dffb-4822-b08c-a1a256a70b0e}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{589ff040-b0c3-4716-be89-7d1153570785}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.16 GB) NTFS
\\?\Volume{7e9f1068-1485-4098-be6c-1fb3ca91f7f2}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.38 GB) NTFS
\\?\Volume{e35ca227-1a67-4280-8947-a2d904fa6c11}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61D739B2)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 8BAAD6F4)
Partition: GPT.
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: possible keylogger
Open Notepad and copy the following into it:
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\MountPoints2: {e7ad5aaf-55fd-11ee-82aa-f889d26372d0} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {BF327668-B66C-4085-9EB5-8CEB64804F9A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
S3 ALSysIO; \??\C:\Users\dell\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 fuvcfgrc; \??\C:\Windows\system32\drivers\fuvcfgrc.sys [X]
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dell\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: possible keylogger
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (14-10-2024 15:16:07) Run:1
Running from C:\Users\dell\Desktop
Loaded Profiles: Jojo
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\MountPoints2: {e7ad5aaf-55fd-11ee-82aa-f889d26372d0} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {BF327668-B66C-4085-9EB5-8CEB64804F9A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
S3 ALSysIO; \??\C:\Users\dell\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 fuvcfgrc; \??\C:\Windows\system32\drivers\fuvcfgrc.sys [X]
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dell\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\MRT => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7ad5aaf-55fd-11ee-82aa-f889d26372d0} => removed successfully
"C:\Windows\system32\GroupPolicy\Machine" Folder move:
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BF327668-B66C-4085-9EB5-8CEB64804F9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF327668-B66C-4085-9EB5-8CEB64804F9A}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46811182-9542-433D-A171-1F4C85DCE59A}" => removed successfully
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\fuvcfgrc => removed successfully
fuvcfgrc => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
"C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe" => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1276848439 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 18531278 B
Edge => 0 B
Chrome => 1002218463 B
Brave => 11867720 B
Firefox => 1251365493 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 203 B
systemprofile32 => 13767 B
LocalService => 13767 B
NetworkService => 329017 B
dell => 14852862 B
RecycleBin => 81218 B
EmptyTemp: => 3.3 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-10-2024 15:22:33)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 15:22:33 ====
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: possible keylogger
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: possible keylogger
It was OK for a while, but it has started doing it again [in the original: "zaˇˇcalo robiˇˇt"]. Should I run it again?
Re: possible keylogger
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by Jojo (administrator) on DESKTOP-NJI2HDQ (Dell Inc. Vostro 15 3515) (14-10-2024 15:49:53)
Running from C:\Users\dell\Desktop\FRST64.exe
Loaded Profiles: Jojo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-05] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk *
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3005200C-D018-4C27-A290-33BAF8F44997} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {A8334479-7532-4FE1-ADC2-EEB2633FA11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {17566DC2-D357-4758-9A14-8CDE91DFD162} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B248BAB-A3EC-4A8B-8D54-8B04F0190FFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {367FEDAF-6C41-4A72-B36B-0E823E54FCC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE446390-8020-4288-ACA9-C7445039ABFA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\FlickLearningWipiHelper.ProxyStub => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\/U "C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\YqeufldDTMCI.dll"
Task: {1DEF3148-3249-44EA-995F-461B8F10F416} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76D5462E-E53D-4F33-9051-FF03B7558C4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F7C7A-03B5-4A23-B30C-B9A50B1FB35A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-14]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
FireFox:
========
FF DefaultProfile: wnsqvz9f.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\wnsqvz9f.default [2024-10-14]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release [2024-10-14]
FF Session Restore: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> hxxps://meet.google.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\firefox@ghostery.com.xpi [2024-09-22]
FF Extension: (Feedly Notifier) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-BOjn8b0IM7kH2w@jetpack.xpi [2023-07-23]
FF Extension: (I don't care about cookies) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2024-01-26]
FF Extension: (Language: Čeština (Czech)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2024-09-22]
FF Extension: (Visionary – Balanced) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\visionary-balanced-colorway@mozilla.org.xpi [2023-04-24]
FF Extension: (Urban VPN proxy) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\{fca67f41-776b-438a-9382-662171858615}.xpi [2024-01-26]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2024-10-14]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Session Restore: Default -> is enabled.
CHR Extension: (Tabs Backup & Restore) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2024-06-20]
CHR Extension: (Feedly Notifier) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2024-06-20]
CHR Extension: (I don't care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-14]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-14]
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-10-14]
CHR Extension: (VPN Surf - Rýchla VPN odblokovaním) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhnfcgpcbfclhfafjlooihdfghaeinfc [2024-09-21]
CHR Extension: (Enable local file links) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikfmfgobenbhmocjaaboihbeocackld [2024-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-20]
Brave:
=======
BRA Profile: C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-10-14]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-09-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-18]
BRA Extension: (Brave NTP background images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2024-09-18]
BRA Extension: (Brave Ads Resources) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\obponfmfefkaeehakbehbnnlcbebebhd [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203440 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57832 2024-07-15] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51936 2024-07-19] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2080120 2024-06-04] (IndiLogic LLC -> Dell Inc.)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b7f9dde45e4b9cdd\AS\IAS\IntelAudioService.exe [537984 2021-04-02] (Smart Sound Technology -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\Windows\System32\drivers\GoodixSessionService.exe [45344 2024-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22548280 2024-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\amdkmdag.sys [106388072 2024-05-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [35792 2020-09-01] (Dell Inc -> OSR Open Systems Resources, Inc.)
R3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [142272 2024-03-25] (IndiLogic LLC -> Dell Inc.)
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [137040 2021-01-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 MpKsl79fa4f28; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A9087CE-6607-46F5-A3D8-CD3E66FFED56}\MpKslDrv.sys [267552 2024-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-11-28] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 15:49 - 2024-10-14 15:50 - 000025714 _____ C:\Users\dell\Desktop\FRST.txt
2024-10-14 15:21 - 2024-10-14 15:21 - 000000008 __RSH C:\ProgramData\ntuser.pol
2024-10-14 15:16 - 2024-10-14 15:22 - 000004722 _____ C:\Users\dell\Desktop\Fixlog.txt
2024-10-14 13:35 - 2024-10-14 13:35 - 000000000 _____ C:\Windows\invcol.tmp
2024-10-14 13:04 - 2024-10-14 13:06 - 000000000 ____D C:\AdwCleaner
2024-10-14 13:03 - 2024-10-14 13:03 - 008790880 _____ (Malwarebytes) C:\Users\dell\Desktop\adwcleaner.exe
2024-10-12 21:55 - 2024-10-14 15:50 - 000000000 ____D C:\FRST
2024-10-12 21:53 - 2024-10-12 21:53 - 002397696 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2024-10-12 21:49 - 2024-10-12 21:49 - 000388608 _____ (Trend Micro Inc.) C:\Users\dell\Downloads\hijackthis.exe
2024-10-12 21:47 - 2024-10-12 21:47 - 000000000 ____D C:\Windows\LastGood
2024-10-11 23:39 - 2024-10-11 23:39 - 000169478 _____ C:\Users\dell\Downloads\priloha_1424560888_0_zprava.pdf
2024-10-11 23:35 - 2024-10-12 21:45 - 000000020 _____ C:\Users\dell\Desktop\datovka.txt
2024-10-09 14:00 - 2024-10-09 14:00 - 000662438 _____ C:\Users\dell\Downloads\AIR-Vozidlo.pdf
2024-10-06 15:36 - 2024-10-06 15:36 - 000001614 _____ C:\Users\dell\Desktop\e61 moja vybava.txt
2024-10-05 18:17 - 2024-10-05 18:17 - 000397384 _____ C:\Users\dell\Downloads\Junkers-TRQ-21-W-B-Installations-u-Bedienungsanleitung.pdf
2024-09-27 19:30 - 2024-09-27 19:30 - 000052247 _____ C:\Users\dell\Downloads\The-Secret-of-Kells(0000162623).srt
2024-09-24 13:28 - 2024-09-24 13:36 - 000000000 ____D C:\Users\dell\Desktop\mp3
2024-09-24 13:20 - 2017-12-29 14:36 - 977387520 _____ C:\Users\dell\Desktop\The Secret of Kells (2009) BRRip Xvid orig zneni 720x400.avi
2024-09-24 13:05 - 2024-09-24 13:05 - 000001203 _____ C:\Users\dell\Desktop\SubtitleEdit – odkaz.lnk
2024-09-24 12:53 - 2024-09-24 13:14 - 000000000 ____D C:\Users\dell\Downloads\SE408
2024-09-24 12:52 - 2024-09-24 12:52 - 012190758 _____ C:\Users\dell\Downloads\SE408.zip
2024-09-24 12:45 - 2024-09-24 12:45 - 000012880 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000033369).zip
2024-09-24 12:38 - 2024-09-24 13:14 - 000038846 _____ C:\Users\dell\Downloads\Doctor Who S01E01.srt
2024-09-24 12:38 - 2024-09-24 12:38 - 000016801 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000110515).zip
2024-09-22 13:09 - 2024-09-22 13:10 - 000000000 ____D C:\Program Files\Java
2024-09-22 13:09 - 2024-06-05 13:24 - 000213120 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-09-22 13:09 - 2024-06-05 13:24 - 000178816 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-09-22 12:30 - 2024-09-22 12:30 - 000000000 ____D C:\Windows\{15DA82A3-B124-45FA-A87D-51DB76178223}
2024-09-22 12:01 - 2024-09-22 12:01 - 000000000 ____D C:\Users\dell\Downloads\The Witches of Eastwick 1987 BDRip 1080p DTS multisub-HighCode
2024-09-21 19:03 - 2024-09-21 19:03 - 000084084 _____ C:\Users\dell\Desktop\Magicka-posedlost(0000057817).srt
2024-09-21 19:01 - 2024-09-21 19:01 - 000084084 _____ C:\Users\dell\Desktop\Practical-Magic(0000122609).srt
2024-09-21 18:58 - 2024-10-12 22:37 - 000000000 ____D C:\Users\dell\Downloads\[ www.Torrenting.com ] - Practical.Magic.1998.iNTERNAL.DVDRip.XviD-8BaLLRiPS
2024-09-18 11:51 - 2024-09-18 11:51 - 000000000 ____D C:\Users\dell\AppData\Local\BraveSoftware
2024-09-18 11:49 - 2024-09-18 11:50 - 001276712 _____ (BraveSoftware Inc.) C:\Users\dell\Downloads\BraveBrowserSetup-BRV010.exe
2024-09-17 23:14 - 2024-09-17 23:14 - 000119288 _____ C:\Users\dell\Downloads\Splnomocnenie pdf.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 15:39 - 2021-09-14 20:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-10-14 15:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-14 15:26 - 2021-09-14 20:35 - 000683504 _____ C:\Windows\system32\perfh005.dat
2024-10-14 15:26 - 2021-09-14 20:35 - 000137284 _____ C:\Windows\system32\perfc005.dat
2024-10-14 15:26 - 2021-09-14 20:05 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-14 15:26 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-14 15:22 - 2024-03-22 15:39 - 000000000 ____D C:\Program Files\TeamViewer
2024-10-14 15:21 - 2021-09-14 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-14 15:21 - 2021-09-14 19:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-14 15:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-10-14 15:21 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-14 15:19 - 2023-01-19 10:48 - 000000000 ____D C:\Users\dell\AppData\LocalLow\Temp
2024-10-14 15:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2024-10-14 13:44 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-14 13:33 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-14 13:08 - 2022-06-21 21:10 - 000000000 ____D C:\Windows\SystemTemp
2024-10-14 13:07 - 2021-09-14 20:19 - 000000000 ____D C:\ProgramData\Dell
2024-10-14 13:06 - 2022-05-18 14:53 - 000000000 ____D C:\Users\dell\Documents\Dell
2024-10-12 22:38 - 2022-05-21 23:43 - 000000000 ____D C:\Users\dell\Desktop\RevoUninstaller_Portable
2024-10-12 22:37 - 2024-06-18 22:36 - 000000000 ____D C:\Users\dell\AppData\Roaming\utorrent
2024-10-12 22:37 - 2021-09-14 19:58 - 000000000 ____D C:\ProgramData\Goodix
2024-10-12 22:32 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2024-10-12 22:26 - 2024-02-11 15:41 - 000000000 ____D C:\Program Files (x86)\Lovato
2024-10-12 22:22 - 2022-05-16 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-12 22:21 - 2023-01-28 17:11 - 000000000 ____D C:\Users\dell\AppData\Roaming\Samsung
2024-10-12 22:20 - 2023-01-28 17:10 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-10-12 22:20 - 2022-05-18 16:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-10-12 21:50 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\VirtualStore
2024-10-12 15:59 - 2021-09-14 20:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-11 23:34 - 2024-08-04 17:27 - 000000000 ____D C:\Users\dell\Desktop\valce
2024-10-10 18:06 - 2021-09-14 20:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 18:06 - 2021-09-14 20:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 14:02 - 2023-01-19 10:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-10-28 11:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-05-16 12:10 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-05 18:15 - 2024-06-20 18:11 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-05 18:15 - 2024-06-20 18:11 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-01 20:10 - 2022-12-07 21:01 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2024-09-22 13:09 - 2023-05-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-09-22 13:09 - 2023-01-07 01:03 - 000000000 ____D C:\Program Files (x86)\Java
2024-09-22 12:43 - 2023-01-02 18:13 - 000000000 ____D C:\Users\dell\AppData\Local\BitTorrentHelper
2024-09-22 12:32 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files (x86)\Dell
2024-09-22 12:31 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files\Dell
2024-09-18 19:27 - 2023-01-02 18:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-17 23:14 - 2022-10-28 10:50 - 000000000 ____D C:\Users\dell\AppData\Roaming\com.adobe.dunamis
2024-09-17 23:14 - 2022-05-18 14:35 - 000000000 ____D C:\Users\dell\AppData\Roaming\Microsoft\Word
2024-09-17 23:14 - 2022-05-16 12:05 - 000000000 ____D C:\Users\dell\AppData\Local\Adobe
2024-09-17 23:14 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Roaming\Adobe
2024-09-17 15:42 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (14-10-2024 15:51:06)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) (2022-05-08 14:05:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3623039732-264876851-2668231124-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623039732-264876851-2668231124-503 - Limited - Disabled)
Guest (S-1-5-21-3623039732-264876851-2668231124-501 - Limited - Disabled)
Jojo (S-1-5-21-3623039732-264876851-2668231124-1001 - Administrator - Enabled) => C:\Users\dell
WDAGUtilityAccount (S-1-5-21-3623039732-264876851-2668231124-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BMW Group ISTA (HKLM-x32\...\{FD79F009-F13C-4722-A0EC-5F342E584F7D}_is1) (Version: 4.25.32 - BMW AG)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
Dell Digital Delivery Services (HKLM-x32\...\{7B4345F5-8B57-4716-B159-8A779BA8F8B0}) (Version: 5.2.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{1B2B45BE-37F7-4263-9262-B183735BF5A4}) (Version: 4.1.8330 - Screenovate Technologies Ltd.)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
Fingerprint Sensor Driver (HKLM-x32\...\{D9C19E6E-4403-4DDF-B290-ECFAE2072FF9}) (Version: 20.6.0.7 - Realtek Semiconductor Corp.)
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Microchip LAN9500 Device Driver (HKLM\...\{9387F7BF-D949-4421-89DA-D75A053F5E91}) (Version: 18.12.18.0 - Microchip Technology Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9597.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 19.237.0255 - REALTEK Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.58.4 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.2.0.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-02-28] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-06-19] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-22] (Dell Inc)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2022-05-08] (Dell Inc)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0 [2024-10-14] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2021 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2021_4.0.53.0_x64__fh4rh281wavaa [2022-05-16] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-10] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_351-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\ediabas\bin;C:\EDIABAS\BIN\;C:\Program Files\dotnet\
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1600687.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66E08516-DDF2-49B8-93AE-FB10232678D4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E8AB8300-A5C7-4C0A-AFCC-A07967E4EDAC}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [TCP Query User{25325BF3-F629-4166-9696-4B5FB15F616C}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B869B1AE-7EDD-4EA8-BB4C-99C1FFDFD841}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{935F1E78-EDFE-43AE-A80C-6AAAC0835089}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CEA971-CB05-483C-9E05-0B2F11EFA627}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A7D221-C687-4F9A-B8C1-3F5607C27E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A8F0175-04F4-498E-BEDB-E740007D23CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9B9700-2E2B-4EC4-8325-A040997C139C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A5B325-E6A4-48EC-B974-0C69F92E3F73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19F5C229-04F8-45F6-BD7F-265F8E07E5E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAE62089-23FD-4EEB-A490-E46CAE32228E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E2A9698-4E53-4054-9F02-9DD65F8A025D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{845A18F2-5CF4-4C85-A21C-6CB225191A15}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [UDP Query User{8ECA7DA8-E812-457F-98DC-BB3C7B51980A}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [{CC0AEC8E-A2BB-4F98-98CC-7E7A420D0A36}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B59326B-925A-47E0-8098-B15A5FC849AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81230130-5970-49EA-AE5B-9F8CC3AC4238}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1739BB72-28FD-4357-BA4A-0D0A3BB732E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C1B99B7A-D337-40BE-9CBA-6CD6DD8F0492}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E22928CD-9FDB-40DA-8E54-DD7D306FA2B5}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4EDC5CE6-97DE-4615-9616-D0AE3BEDE7BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECF8A0E9-C772-4A3D-B885-104E4E85E828}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53C6688-A7B1-4639-9B9A-F0C4FC055405}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FEDD703-65A1-430E-874C-6901E1ECA155}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9DD3721-E226-4EE5-BCCB-9D7C1EE40DEC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA893D8C-294F-44CB-A5CC-8D89A26E299C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{377FD51D-EF66-4796-8C61-AE0BDD72F037}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61B46162-A5CE-4156-AF0C-8D6F7E9FCE8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07EDF130-C2EB-4CAE-B555-A9D79DD4A9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{829ADFBF-F883-45B8-A618-5161AE5FE4C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A301F200-0F6C-4B62-8DF6-C27CCCB135C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A6E71988-F0AB-4F06-B336-5A313BAE52DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6C76D63C-1CEF-47C3-A852-4826E968C250}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6679DA47-FFE9-40EB-9977-9BC062B6EC38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF56920E-B9C4-4BB1-AE77-050B2376287F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB010172-C9DD-491E-BB8F-8444DD9E877F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
12-10-2024 22:15:58 Revo Uninstaller's restore point - Brave
12-10-2024 22:17:29 Revo Uninstaller's restore point - DuplicateFileFinder 2.4.4.128
12-10-2024 22:18:36 Revo Uninstaller's restore point - Orion by ESTECH
12-10-2024 22:19:27 Revo Uninstaller's restore point - Zoom
12-10-2024 22:20:17 Revo Uninstaller's restore point - Smart Switch
12-10-2024 22:21:40 Revo Uninstaller's restore point - Mozilla Firefox (x64 en-US)
12-10-2024 22:22:33 Revo Uninstaller's restore point - Microsoft OneDrive
12-10-2024 22:24:33 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.3
12-10-2024 22:25:20 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.6 SS
12-10-2024 22:26:02 Revo Uninstaller's restore point - Lovato Easy Fast 1.6.0
12-10-2024 22:26:57 Revo Uninstaller's restore point - Lovato Easy Fast S
12-10-2024 22:28:21 Revo Uninstaller's restore point - Lovato Easy Fast 1.8.1 E
12-10-2024 22:29:19 Revo Uninstaller's restore point - Xbox Game bar
12-10-2024 22:29:49 Revo Uninstaller's restore point - Xbox Game Speech Window
12-10-2024 22:30:30 Revo Uninstaller's restore point - Game Bar
12-10-2024 22:31:38 Revo Uninstaller's restore point - Xbox Identity Provider
14-10-2024 13:06:03 AdwCleaner_BeforeCleaning_14/10/2024_13:06:03
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/12/2024 10:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: haspdinst_x64.exe, verzia: 5.95.17162.1, časová značka: 0x4cbed4fe
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000000000
Identifikácia chybujúceho procesu: 0x3ef0
Čas spustenia chybujúcej aplikácie: 0x01db1ce4fd516515
Cesta chybujúcej aplikácie: C:\Users\dell\AppData\Local\Temp\haspdinst_x64.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: f8563c8a-0c1e-469c-91e3-35daeec073dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/10/2024 07:22:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:02:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5554
Start Time: 01db1b320eeef16e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Report Id: e457b499-7c21-40b2-973e-11df253a5a05
Faulting package full name: 5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/06/2024 03:13:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/06/2024 03:01:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/05/2024 11:17:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SupportAssistSoftwareDiags.exe, verzia: 4.0.3.61632, časová značka: 0x64b073ea
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2364, časová značka: 0x5b7d4d22
Kód výnimky: 0xe0434352
Odstup chyby: 0x000000000002cd29
Identifikácia chybujúceho procesu: 0x4620
Čas spustenia chybujúcej aplikácie: 0x01db1706c2931a83
Cesta chybujúcej aplikácie: C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistSoftwareDiags.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: a8e9b491-51ea-4bf5-a909-e952f5a02e68
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/05/2024 11:17:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SupportAssistSoftwareDiags.exe
CoreCLR Version: 6.0.2824.12007
.NET Version: 6.0.28
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException: Safe handle has been closed.
Object name: 'SafeHandle'.
at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success)
at Interop.Kernel32.SetEvent(SafeWaitHandle handle)
at System.Threading.EventWaitHandle.Set()
at Dell.Client.Framework.Common.PluginManagerBase.Dispose(Boolean disposing)
at Dell.Client.Framework.Common.PluginManagerBase.Dispose()
at Dell.Client.Framework.Agent.Agent.Dispose(Boolean disposing)
at Dell.Client.Framework.Agent.Agent.Dispose()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.SoftwareDiagnosticsSubAgent.DisposeAgent()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.Program.CurrentDomain_ProcessExit(Object sender, EventArgs e)
at System.AppContext.OnProcessExit()
System errors:
=============
Error: (10/14/2024 03:24:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Remediation zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/14/2024 03:22:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (10/14/2024 03:20:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NJI2HDQ)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (10/14/2024 03:16:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell SupportAssist sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 32767 ms bude vykonaná nasledujúca opravná akcia: Spustit nakonfigurovaný program pro obnovení.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fusion Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Service API sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Windows Defender:
================
Date: 2024-06-09 19:47:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-08 14:46:38
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:11
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]:
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2023-11-10 19:09:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-05 20:11:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-02 14:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-16 19:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-25 14:40:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-21 15:29:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-02 19:30:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 18:11:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.27.0 07/10/2024
Motherboard: Dell Inc. 0G62VR
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 74%
Total physical RAM: 6030.26 MB
Available physical RAM: 1562.75 MB
Total Virtual: 16270.26 MB
Available Virtual: 8952.63 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.9 GB) (Free:74.22 GB) (Model: PC SN530 NVMe WDC 256GB) NTFS
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:142.44 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{16f63fd2-dffb-4822-b08c-a1a256a70b0e}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{589ff040-b0c3-4716-be89-7d1153570785}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.16 GB) NTFS
\\?\Volume{7e9f1068-1485-4098-be6c-1fb3ca91f7f2}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.38 GB) NTFS
\\?\Volume{e35ca227-1a67-4280-8947-a2d904fa6c11}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61D739B2)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 8BAAD6F4)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Jojo (administrator) on DESKTOP-NJI2HDQ (Dell Inc. Vostro 15 3515) (14-10-2024 15:49:53)
Running from C:\Users\dell\Desktop\FRST64.exe
Loaded Profiles: Jojo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\atiesrxx.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-05] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk *
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3005200C-D018-4C27-A290-33BAF8F44997} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {A8334479-7532-4FE1-ADC2-EEB2633FA11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {17566DC2-D357-4758-9A14-8CDE91DFD162} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917936 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B248BAB-A3EC-4A8B-8D54-8B04F0190FFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {367FEDAF-6C41-4A72-B36B-0E823E54FCC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE446390-8020-4288-ACA9-C7445039ABFA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\FlickLearningWipiHelper.ProxyStub => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\/U "C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic\YqeufldDTMCI.dll"
Task: {1DEF3148-3249-44EA-995F-461B8F10F416} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76D5462E-E53D-4F33-9051-FF03B7558C4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F7C7A-03B5-4A23-B30C-B9A50B1FB35A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b8261f0-072b-4cf0-9fe3-5ab92e781d95}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ed25e3ce-9f06-48c8-9c8b-ec0fa8ff50f9}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-14]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
FireFox:
========
FF DefaultProfile: wnsqvz9f.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\wnsqvz9f.default [2024-10-14]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release [2024-10-14]
FF Session Restore: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\u4ayz4km.default-release -> hxxps://meet.google.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\firefox@ghostery.com.xpi [2024-09-22]
FF Extension: (Feedly Notifier) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-BOjn8b0IM7kH2w@jetpack.xpi [2023-07-23]
FF Extension: (I don't care about cookies) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2024-01-26]
FF Extension: (Language: Čeština (Czech)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2024-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2024-09-22]
FF Extension: (Visionary – Balanced) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\visionary-balanced-colorway@mozilla.org.xpi [2023-04-24]
FF Extension: (Urban VPN proxy) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\u4ayz4km.default-release\Extensions\{fca67f41-776b-438a-9382-662171858615}.xpi [2024-01-26]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2024-10-14]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Session Restore: Default -> is enabled.
CHR Extension: (Tabs Backup & Restore) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2024-06-20]
CHR Extension: (Feedly Notifier) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2024-06-20]
CHR Extension: (I don't care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-14]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-14]
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-10-14]
CHR Extension: (VPN Surf - Rýchla VPN odblokovaním) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhnfcgpcbfclhfafjlooihdfghaeinfc [2024-09-21]
CHR Extension: (Enable local file links) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikfmfgobenbhmocjaaboihbeocackld [2024-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-20]
Brave:
=======
BRA Profile: C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-10-14]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-09-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-18]
BRA Extension: (Brave NTP background images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-09-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-09-18]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2024-09-18]
BRA Extension: (Brave Ads Resources) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\obponfmfefkaeehakbehbnnlcbebebhd [2024-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\dell\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203440 2024-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57832 2024-07-15] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51936 2024-07-19] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2080120 2024-06-04] (IndiLogic LLC -> Dell Inc.)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_b7f9dde45e4b9cdd\AS\IAS\IntelAudioService.exe [537984 2021-04-02] (Smart Sound Technology -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\Windows\System32\drivers\GoodixSessionService.exe [45344 2024-03-18] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22548280 2024-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0402605.inf_amd64_436c7d82eab5c303\B399655\amdkmdag.sys [106388072 2024-05-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [35792 2020-09-01] (Dell Inc -> OSR Open Systems Resources, Inc.)
R3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [142272 2024-03-25] (IndiLogic LLC -> Dell Inc.)
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [137040 2021-01-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 MpKsl79fa4f28; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A9087CE-6607-46F5-A3D8-CD3E66FFED56}\MpKslDrv.sys [267552 2024-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-11-28] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 15:49 - 2024-10-14 15:50 - 000025714 _____ C:\Users\dell\Desktop\FRST.txt
2024-10-14 15:21 - 2024-10-14 15:21 - 000000008 __RSH C:\ProgramData\ntuser.pol
2024-10-14 15:16 - 2024-10-14 15:22 - 000004722 _____ C:\Users\dell\Desktop\Fixlog.txt
2024-10-14 13:35 - 2024-10-14 13:35 - 000000000 _____ C:\Windows\invcol.tmp
2024-10-14 13:04 - 2024-10-14 13:06 - 000000000 ____D C:\AdwCleaner
2024-10-14 13:03 - 2024-10-14 13:03 - 008790880 _____ (Malwarebytes) C:\Users\dell\Desktop\adwcleaner.exe
2024-10-12 21:55 - 2024-10-14 15:50 - 000000000 ____D C:\FRST
2024-10-12 21:53 - 2024-10-12 21:53 - 002397696 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2024-10-12 21:49 - 2024-10-12 21:49 - 000388608 _____ (Trend Micro Inc.) C:\Users\dell\Downloads\hijackthis.exe
2024-10-12 21:47 - 2024-10-12 21:47 - 000000000 ____D C:\Windows\LastGood
2024-10-11 23:39 - 2024-10-11 23:39 - 000169478 _____ C:\Users\dell\Downloads\priloha_1424560888_0_zprava.pdf
2024-10-11 23:35 - 2024-10-12 21:45 - 000000020 _____ C:\Users\dell\Desktop\datovka.txt
2024-10-09 14:00 - 2024-10-09 14:00 - 000662438 _____ C:\Users\dell\Downloads\AIR-Vozidlo.pdf
2024-10-06 15:36 - 2024-10-06 15:36 - 000001614 _____ C:\Users\dell\Desktop\e61 moja vybava.txt
2024-10-05 18:17 - 2024-10-05 18:17 - 000397384 _____ C:\Users\dell\Downloads\Junkers-TRQ-21-W-B-Installations-u-Bedienungsanleitung.pdf
2024-09-27 19:30 - 2024-09-27 19:30 - 000052247 _____ C:\Users\dell\Downloads\The-Secret-of-Kells(0000162623).srt
2024-09-24 13:28 - 2024-09-24 13:36 - 000000000 ____D C:\Users\dell\Desktop\mp3
2024-09-24 13:20 - 2017-12-29 14:36 - 977387520 _____ C:\Users\dell\Desktop\The Secret of Kells (2009) BRRip Xvid orig zneni 720x400.avi
2024-09-24 13:05 - 2024-09-24 13:05 - 000001203 _____ C:\Users\dell\Desktop\SubtitleEdit – odkaz.lnk
2024-09-24 12:53 - 2024-09-24 13:14 - 000000000 ____D C:\Users\dell\Downloads\SE408
2024-09-24 12:52 - 2024-09-24 12:52 - 012190758 _____ C:\Users\dell\Downloads\SE408.zip
2024-09-24 12:45 - 2024-09-24 12:45 - 000012880 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000033369).zip
2024-09-24 12:38 - 2024-09-24 13:14 - 000038846 _____ C:\Users\dell\Downloads\Doctor Who S01E01.srt
2024-09-24 12:38 - 2024-09-24 12:38 - 000016801 _____ C:\Users\dell\Downloads\Doctor-Who-S01E01(0000110515).zip
2024-09-22 13:09 - 2024-09-22 13:10 - 000000000 ____D C:\Program Files\Java
2024-09-22 13:09 - 2024-06-05 13:24 - 000213120 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2024-09-22 13:09 - 2024-06-05 13:24 - 000178816 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-09-22 12:30 - 2024-09-22 12:30 - 000000000 ____D C:\Windows\{15DA82A3-B124-45FA-A87D-51DB76178223}
2024-09-22 12:01 - 2024-09-22 12:01 - 000000000 ____D C:\Users\dell\Downloads\The Witches of Eastwick 1987 BDRip 1080p DTS multisub-HighCode
2024-09-21 19:03 - 2024-09-21 19:03 - 000084084 _____ C:\Users\dell\Desktop\Magicka-posedlost(0000057817).srt
2024-09-21 19:01 - 2024-09-21 19:01 - 000084084 _____ C:\Users\dell\Desktop\Practical-Magic(0000122609).srt
2024-09-21 18:58 - 2024-10-12 22:37 - 000000000 ____D C:\Users\dell\Downloads\[ www.Torrenting.com ] - Practical.Magic.1998.iNTERNAL.DVDRip.XviD-8BaLLRiPS
2024-09-18 11:51 - 2024-09-18 11:51 - 000000000 ____D C:\Users\dell\AppData\Local\BraveSoftware
2024-09-18 11:49 - 2024-09-18 11:50 - 001276712 _____ (BraveSoftware Inc.) C:\Users\dell\Downloads\BraveBrowserSetup-BRV010.exe
2024-09-17 23:14 - 2024-09-17 23:14 - 000119288 _____ C:\Users\dell\Downloads\Splnomocnenie pdf.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-14 15:39 - 2021-09-14 20:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-10-14 15:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-14 15:26 - 2021-09-14 20:35 - 000683504 _____ C:\Windows\system32\perfh005.dat
2024-10-14 15:26 - 2021-09-14 20:35 - 000137284 _____ C:\Windows\system32\perfc005.dat
2024-10-14 15:26 - 2021-09-14 20:05 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-14 15:26 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-14 15:22 - 2024-03-22 15:39 - 000000000 ____D C:\Program Files\TeamViewer
2024-10-14 15:21 - 2021-09-14 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-14 15:21 - 2021-09-14 19:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-14 15:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-10-14 15:21 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-14 15:19 - 2023-01-19 10:48 - 000000000 ____D C:\Users\dell\AppData\LocalLow\Temp
2024-10-14 15:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2024-10-14 13:44 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-14 13:33 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-14 13:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-14 13:08 - 2022-06-21 21:10 - 000000000 ____D C:\Windows\SystemTemp
2024-10-14 13:07 - 2021-09-14 20:19 - 000000000 ____D C:\ProgramData\Dell
2024-10-14 13:06 - 2022-05-18 14:53 - 000000000 ____D C:\Users\dell\Documents\Dell
2024-10-12 22:38 - 2022-05-21 23:43 - 000000000 ____D C:\Users\dell\Desktop\RevoUninstaller_Portable
2024-10-12 22:37 - 2024-06-18 22:36 - 000000000 ____D C:\Users\dell\AppData\Roaming\utorrent
2024-10-12 22:37 - 2021-09-14 19:58 - 000000000 ____D C:\ProgramData\Goodix
2024-10-12 22:32 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2024-10-12 22:26 - 2024-02-11 15:41 - 000000000 ____D C:\Program Files (x86)\Lovato
2024-10-12 22:22 - 2022-05-16 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-12 22:21 - 2023-01-28 17:11 - 000000000 ____D C:\Users\dell\AppData\Roaming\Samsung
2024-10-12 22:20 - 2023-01-28 17:10 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-10-12 22:20 - 2022-05-18 16:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-10-12 21:50 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Local\VirtualStore
2024-10-12 15:59 - 2021-09-14 20:19 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-11 23:34 - 2024-08-04 17:27 - 000000000 ____D C:\Users\dell\Desktop\valce
2024-10-10 18:06 - 2021-09-14 20:19 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 18:06 - 2021-09-14 20:19 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 14:02 - 2023-01-19 10:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-10-28 11:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 14:02 - 2022-05-16 12:10 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-05 18:15 - 2024-06-20 18:11 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-05 18:15 - 2024-06-20 18:11 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-01 20:10 - 2022-12-07 21:01 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2024-09-22 13:09 - 2023-05-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-09-22 13:09 - 2023-01-07 01:03 - 000000000 ____D C:\Program Files (x86)\Java
2024-09-22 12:43 - 2023-01-02 18:13 - 000000000 ____D C:\Users\dell\AppData\Local\BitTorrentHelper
2024-09-22 12:32 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files (x86)\Dell
2024-09-22 12:31 - 2021-09-14 20:19 - 000000000 ____D C:\Program Files\Dell
2024-09-18 19:27 - 2023-01-02 18:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-17 23:14 - 2022-10-28 10:50 - 000000000 ____D C:\Users\dell\AppData\Roaming\com.adobe.dunamis
2024-09-17 23:14 - 2022-05-18 14:35 - 000000000 ____D C:\Users\dell\AppData\Roaming\Microsoft\Word
2024-09-17 23:14 - 2022-05-16 12:05 - 000000000 ____D C:\Users\dell\AppData\Local\Adobe
2024-09-17 23:14 - 2022-05-08 16:15 - 000000000 ____D C:\Users\dell\AppData\Roaming\Adobe
2024-09-17 15:42 - 2021-09-14 19:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Jojo (14-10-2024 15:51:06)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.2364 (X64) (2022-05-08 14:05:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3623039732-264876851-2668231124-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623039732-264876851-2668231124-503 - Limited - Disabled)
Guest (S-1-5-21-3623039732-264876851-2668231124-501 - Limited - Disabled)
Jojo (S-1-5-21-3623039732-264876851-2668231124-1001 - Administrator - Enabled) => C:\Users\dell
WDAGUtilityAccount (S-1-5-21-3623039732-264876851-2668231124-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BMW Group ISTA (HKLM-x32\...\{FD79F009-F13C-4722-A0EC-5F342E584F7D}_is1) (Version: 4.25.32 - BMW AG)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
Dell Digital Delivery Services (HKLM-x32\...\{7B4345F5-8B57-4716-B159-8A779BA8F8B0}) (Version: 5.2.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{1B2B45BE-37F7-4263-9262-B183735BF5A4}) (Version: 4.1.8330 - Screenovate Technologies Ltd.)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
Fingerprint Sensor Driver (HKLM-x32\...\{D9C19E6E-4403-4DDF-B290-ECFAE2072FF9}) (Version: 20.6.0.7 - Realtek Semiconductor Corp.)
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Microchip LAN9500 Device Driver (HKLM\...\{9387F7BF-D949-4421-89DA-D75A053F5E91}) (Version: 18.12.18.0 - Microchip Technology Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20771 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9597.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 19.237.0255 - REALTEK Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.58.4 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.2.0.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-02-28] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-06-19] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-22] (Dell Inc)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-09-17] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2022-05-08] (Dell Inc)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0 [2024-10-14] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2021 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2021_4.0.53.0_x64__fh4rh281wavaa [2022-05-16] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-10] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3623039732-264876851-2668231124-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_351-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\ediabas\bin;C:\EDIABAS\BIN\;C:\Program Files\dotnet\
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1600687.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3623039732-264876851-2668231124-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66E08516-DDF2-49B8-93AE-FB10232678D4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E8AB8300-A5C7-4C0A-AFCC-A07967E4EDAC}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [TCP Query User{25325BF3-F629-4166-9696-4B5FB15F616C}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B869B1AE-7EDD-4EA8-BB4C-99C1FFDFD841}C:\users\dell\desktop\anydesk.exe] => (Allow) C:\users\dell\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{935F1E78-EDFE-43AE-A80C-6AAAC0835089}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CEA971-CB05-483C-9E05-0B2F11EFA627}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A7D221-C687-4F9A-B8C1-3F5607C27E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A8F0175-04F4-498E-BEDB-E740007D23CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9B9700-2E2B-4EC4-8325-A040997C139C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A5B325-E6A4-48EC-B974-0C69F92E3F73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19F5C229-04F8-45F6-BD7F-265F8E07E5E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAE62089-23FD-4EEB-A490-E46CAE32228E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E2A9698-4E53-4054-9F02-9DD65F8A025D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{845A18F2-5CF4-4C85-A21C-6CB225191A15}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [UDP Query User{8ECA7DA8-E812-457F-98DC-BB3C7B51980A}C:\ediabas\bin\ifhsrv32.exe] => (Allow) C:\ediabas\bin\ifhsrv32.exe () [File not signed]
FirewallRules: [{CC0AEC8E-A2BB-4F98-98CC-7E7A420D0A36}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B59326B-925A-47E0-8098-B15A5FC849AB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81230130-5970-49EA-AE5B-9F8CC3AC4238}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1739BB72-28FD-4357-BA4A-0D0A3BB732E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C1B99B7A-D337-40BE-9CBA-6CD6DD8F0492}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E22928CD-9FDB-40DA-8E54-DD7D306FA2B5}] => (Allow) C:\Users\dell\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4EDC5CE6-97DE-4615-9616-D0AE3BEDE7BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECF8A0E9-C772-4A3D-B885-104E4E85E828}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53C6688-A7B1-4639-9B9A-F0C4FC055405}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FEDD703-65A1-430E-874C-6901E1ECA155}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9DD3721-E226-4EE5-BCCB-9D7C1EE40DEC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA893D8C-294F-44CB-A5CC-8D89A26E299C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{377FD51D-EF66-4796-8C61-AE0BDD72F037}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61B46162-A5CE-4156-AF0C-8D6F7E9FCE8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07EDF130-C2EB-4CAE-B555-A9D79DD4A9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{829ADFBF-F883-45B8-A618-5161AE5FE4C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A301F200-0F6C-4B62-8DF6-C27CCCB135C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A6E71988-F0AB-4F06-B336-5A313BAE52DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6C76D63C-1CEF-47C3-A852-4826E968C250}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6679DA47-FFE9-40EB-9977-9BC062B6EC38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF56920E-B9C4-4BB1-AE77-050B2376287F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BB010172-C9DD-491E-BB8F-8444DD9E877F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
12-10-2024 22:15:58 Revo Uninstaller's restore point - Brave
12-10-2024 22:17:29 Revo Uninstaller's restore point - DuplicateFileFinder 2.4.4.128
12-10-2024 22:18:36 Revo Uninstaller's restore point - Orion by ESTECH
12-10-2024 22:19:27 Revo Uninstaller's restore point - Zoom
12-10-2024 22:20:17 Revo Uninstaller's restore point - Smart Switch
12-10-2024 22:21:40 Revo Uninstaller's restore point - Mozilla Firefox (x64 en-US)
12-10-2024 22:22:33 Revo Uninstaller's restore point - Microsoft OneDrive
12-10-2024 22:24:33 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.3
12-10-2024 22:25:20 Revo Uninstaller's restore point - Lovato Easy Fast 1.5.6 SS
12-10-2024 22:26:02 Revo Uninstaller's restore point - Lovato Easy Fast 1.6.0
12-10-2024 22:26:57 Revo Uninstaller's restore point - Lovato Easy Fast S
12-10-2024 22:28:21 Revo Uninstaller's restore point - Lovato Easy Fast 1.8.1 E
12-10-2024 22:29:19 Revo Uninstaller's restore point - Xbox Game bar
12-10-2024 22:29:49 Revo Uninstaller's restore point - Xbox Game Speech Window
12-10-2024 22:30:30 Revo Uninstaller's restore point - Game Bar
12-10-2024 22:31:38 Revo Uninstaller's restore point - Xbox Identity Provider
14-10-2024 13:06:03 AdwCleaner_BeforeCleaning_14/10/2024_13:06:03
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/12/2024 10:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: haspdinst_x64.exe, verzia: 5.95.17162.1, časová značka: 0x4cbed4fe
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000000000
Identifikácia chybujúceho procesu: 0x3ef0
Čas spustenia chybujúcej aplikácie: 0x01db1ce4fd516515
Cesta chybujúcej aplikácie: C:\Users\dell\AppData\Local\Temp\haspdinst_x64.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: f8563c8a-0c1e-469c-91e3-35daeec073dc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/10/2024 07:22:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:02:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/10/2024 07:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5554
Start Time: 01db1b320eeef16e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Report Id: e457b499-7c21-40b2-973e-11df253a5a05
Faulting package full name: 5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/06/2024 03:13:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/06/2024 03:01:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Přístup byl odepřen..This is often caused by incorrect security settings in either the writer or requestor process.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c87ff32f-b482-40fa-8719-60a177b2d566}
Error: (10/05/2024 11:17:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SupportAssistSoftwareDiags.exe, verzia: 4.0.3.61632, časová značka: 0x64b073ea
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2364, časová značka: 0x5b7d4d22
Kód výnimky: 0xe0434352
Odstup chyby: 0x000000000002cd29
Identifikácia chybujúceho procesu: 0x4620
Čas spustenia chybujúcej aplikácie: 0x01db1706c2931a83
Cesta chybujúcej aplikácie: C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistSoftwareDiags.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: a8e9b491-51ea-4bf5-a909-e952f5a02e68
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/05/2024 11:17:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SupportAssistSoftwareDiags.exe
CoreCLR Version: 6.0.2824.12007
.NET Version: 6.0.28
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException: Safe handle has been closed.
Object name: 'SafeHandle'.
at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success)
at Interop.Kernel32.SetEvent(SafeWaitHandle handle)
at System.Threading.EventWaitHandle.Set()
at Dell.Client.Framework.Common.PluginManagerBase.Dispose(Boolean disposing)
at Dell.Client.Framework.Common.PluginManagerBase.Dispose()
at Dell.Client.Framework.Agent.Agent.Dispose(Boolean disposing)
at Dell.Client.Framework.Agent.Agent.Dispose()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.SoftwareDiagnosticsSubAgent.DisposeAgent()
at Dell.SupportAssist.Client.Agent.SoftwareDiags.Program.CurrentDomain_ProcessExit(Object sender, EventArgs e)
at System.AppContext.OnProcessExit()
System errors:
=============
Error: (10/14/2024 03:24:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Remediation zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/14/2024 03:22:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Intel(R) Audio Service bola ukončená s nasledujúcou chybou služby:
The operation completed successfully.
Error: (10/14/2024 03:20:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NJI2HDQ)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (10/14/2024 03:16:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell SupportAssist sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 32767 ms bude vykonaná nasledujúca opravná akcia: Spustit nakonfigurovaný program pro obnovení.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fusion Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/14/2024 03:16:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Service API sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.
Windows Defender:
================
Date: 2024-06-09 19:47:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-08 14:46:38
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:47
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-05 13:11:11
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:BAT/AutoKms
Severity: Vysoké
Category: Nástroj
Path: file:_C:\Program Files (x86)\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO\KMS_VL_ALL_AIO.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Program Files\Dell\SupportAssistAgent\SRE\SRE.exe
Security intelligence Version: AV: 1.413.114.0, AS: 1.413.114.0, NIS: 1.413.114.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]:
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-05-03 09:04:21
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.579.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-05-16 11:33:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2023-11-10 19:09:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-11-05 20:11:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-02 14:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-16 19:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-25 14:40:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-21 15:29:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-02 19:30:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 18:11:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.27.0 07/10/2024
Motherboard: Dell Inc. 0G62VR
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 74%
Total physical RAM: 6030.26 MB
Available physical RAM: 1562.75 MB
Total Virtual: 16270.26 MB
Available Virtual: 8952.63 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.9 GB) (Free:74.22 GB) (Model: PC SN530 NVMe WDC 256GB) NTFS
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:142.44 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{16f63fd2-dffb-4822-b08c-a1a256a70b0e}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{589ff040-b0c3-4716-be89-7d1153570785}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.16 GB) NTFS
\\?\Volume{7e9f1068-1485-4098-be6c-1fb3ca91f7f2}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.38 GB) NTFS
\\?\Volume{e35ca227-1a67-4280-8947-a2d904fa6c11}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61D739B2)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 8BAAD6F4)
Partition: GPT.
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: possible keylogger
Have you tried connecting a different keyboard?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: possible keylogger
I tried 2 keyboards, one wireless and the other wired. I tried switching the language CZE-SVK, and the same problem occurs on both. But why did it stop doing it for a while? What did that command delete?
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: possible keylogger
Let's also try this utility: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download it, run it, let it work, and when it finishes, delete everything it finds. The guide at the link is for an older version.
Re: possible keylogger
Hi,
please pack the folder C:\Program Files (x86)\Common Files\DevicesTemp\PackGvvpvic into a rar/zip (protect it with the password infected) and upload it somewhere, ulozto is fine.
Once you have shared it with me, delete this folder from your PC.
Do you remember what preceded the keylogger? Some crack?
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: possible keylogger
It works again, Kaspersky probably helped. Here is a screenshot of what it found. What kind of vermin are these? What are they for?

Maybe some program called KMS Pico got installed.



