Prosím o kontrolu.

[Martin000]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2024
Ran by Dafi (02-12-2024 10:46:28)
Running from C:\Users\Dafi\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2024-01-28 18:01:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3938597611-2843190907-3524625560-500 - Administrator - Disabled)
Dafi (S-1-5-21-3938597611-2843190907-3524625560-1001 - Administrator - Enabled) => C:\Users\Dafi
DefaultAccount (S-1-5-21-3938597611-2843190907-3524625560-503 - Limited - Disabled)
Guest (S-1-5-21-3938597611-2843190907-3524625560-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3938597611-2843190907-3524625560-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
7-Zip 23.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2300-000001000000}) (Version: 23.00.00.0 - Igor Pavlov)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.9.9452.2135 - Gen Digital Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.29 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 130.0.27176.93 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1691.6 - Piriform Software) Hidden
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1709 - Disc Soft Ltd)
Fallout2 (HKLM-x32\...\Fallout2) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.70 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\OneDriveSetup.exe) (Version: 24.216.1027.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0 - Mozilla)
NVIDIA Ovladač 3D Vision 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Software tiskárny EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - )
Star Wars Jedi Knight - Jedi Academy Čeština + Dabing (HKLM-x32\...\Star Wars Jedi Knight - Jedi Academy Čeština + Dabing 1.0.0) (Version: 1.0.0 - BonusWeb)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version: - )
Star Wars Knights Of The Old Republic II The Siths Lords (HKLM-x32\...\Star Wars Knights Of The Old Republic II The Siths Lordsv2.0 Update 1.0b) (Version: v2.0 Update 1.0b - LucasArts by Etnik_23)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
TP-Link TL-WN722N (HKLM-x32\...\{F9C15685-38A9-46A1-9826-97204015C19C}) (Version: 2.1.0 - TP-Link)
TP-Link Wireless Adapter WPS Tool (HKLM-x32\...\{685EFF87-B126-49E4-8213-70C56625C5B5}) (Version: 1.0.0.1 - TP-Link)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
War Thunder Launcher 1.0.3.213 (HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.987 - McAfee, LLC)
WPS Office (12.2.0.18911) (HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\Kingsoft Office) (Version: 12.2.0.18911 - Kingsoft Corp.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.6.9080.0_x64__8wekyb3d8bbwe [2024-09-12] (Microsoft Studios)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-28] (Microsoft Corp.)
Windows App Runtime DDLM 5001.119.156.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.119.156.0-x6_5001.119.156.0_x64__8wekyb3d8bbwe [2024-06-06] (Microsoft Corporation)
Windows App Runtime DDLM 5001.119.156.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.119.156.0-x8_5001.119.156.0_x86__8wekyb3d8bbwe [2024-06-06] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3938597611-2843190907-3524625560-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Dafi\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-03-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-03-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1_S-1-5-21-3938597611-2843190907-3524625560-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Dafi\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kwpsmenushellext64.dll [2024-11-07] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-3938597611-2843190907-3524625560-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Dafi\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\kwpsmenushellext64.dll [2024-11-07] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Dafi\Desktop\Lucie - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Dafi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2020-02-23 15:33 - 2018-01-30 09:59 - 000195072 _____ () [File not signed] C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\DC_WFF.dll
2024-01-28 18:52 - 2015-06-29 20:08 - 001406200 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-02-23 15:33 - 2018-01-30 09:59 - 001715200 _____ (TP-Link Technologies Co., Ltd) [File not signed] C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\language\English(United_States)\nicLan.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-22] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-22] (McAfee, LLC -> McAfee, LLC)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dafi\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\111111111.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "update.bat"
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C2AB7B4C4369F745A9AA04A850088382"
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\StartupApproved\Run: => "Microsoft Edge Update"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{558E563A-BD33-4FF0-9AE6-F8AD9531CEC6}E:\sw hra\gamedata\jamp.exe] => (Block) E:\sw hra\gamedata\jamp.exe (Activision Inc) [File not signed]
FirewallRules: [TCP Query User{ABB9E6F0-97DE-499C-8B67-219A1976D8E2}E:\sw hra\gamedata\jamp.exe] => (Block) E:\sw hra\gamedata\jamp.exe (Activision Inc) [File not signed]
FirewallRules: [UDP Query User{B8CCC716-F1B2-4D6D-AF72-DF2BDD1F3557}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{BE75F05E-3E47-496D-AF6F-71EB6271F3D3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{64E105F3-3AB6-43F9-B739-32CD0831C0B5}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{96F2B676-0358-4C88-B529-5D67CA886277}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{4093DC9D-3C34-4708-82AA-0FD5520CA0F9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{AC8D357E-701B-4203-8148-5EAE44A6DE7B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4C260CBF-A754-45F4-9313-943C9D167BC4}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{2D34D30B-1E2C-4A27-9F2F-B860E5D7CE4E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74EDA6EB-3BA3-47BF-A786-F407864FB873}] => (Allow) C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{E3303BA8-5C06-4C2B-A467-AE8A00470F86}] => (Allow) C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{5D256B55-B38E-464A-880B-68389231537B}] => (Allow) C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{7BBF3463-1D94-405E-9C5C-9755AA5772BB}] => (Allow) C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{136142E5-C13D-4BB2-A8CC-68B895BE076E}] => (Allow) C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{FFF644A4-830C-43AA-9EDF-3AA43A888F4B}] => (Allow) C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [TCP Query User{0BD83078-F610-4FFA-8758-2F20819C4678}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FEE46216-7AEA-4EF7-B9E4-57DDAC829501}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{16D7342C-A041-47BA-9DE1-9DBA013FEC3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3353ACB-603D-4C81-817A-4401758D9348}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{664068B4-749A-49B2-893B-1155B3E3CA07}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FirewallRules: [{A0412CB1-B9DE-449A-B371-6EBC65E2E28C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86C5FF3E-2599-4E5F-81F2-6D5545ACD1F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52DAE421-C3F0-4A42-A263-03AD8DB57A76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{843A5C52-A203-4BD4-BFC3-1ACDCCE53037}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8B9D4E6B-1E18-4642-9F5C-C20960B3F792}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{74CDFBCE-582E-43B0-A056-2175AC7FC4B4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

20-11-2024 00:10:00 Naplánovaný kontrolní bod
28-11-2024 19:46:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/28/2024 07:46:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/27/2024 05:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0x13b0
Čas spuštění chybující aplikace: 0x01db40ec142f11f6
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: 461fb702-6bdc-46e6-9eee-b874c6b861c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2024 05:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0x362c
Čas spuštění chybující aplikace: 0x01db40ec12e3b74d
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: 77493347-f047-4831-8bc0-a77323192587
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2024 05:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0xbec
Čas spuštění chybující aplikace: 0x01db40ec119aa95a
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: 8a29bfb5-4e9b-4bca-95a2-b4d9b9082f80
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2024 05:47:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0x12c
Čas spuštění chybující aplikace: 0x01db40ec10351400
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: b3da734a-b238-4d37-8fae-6582fdac9f32
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2024 05:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0x2ff8
Čas spuštění chybující aplikace: 0x01db40ec0d7b88a8
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: 70729bcb-21bb-4b5d-9d50-22d06cfe0370
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2024 05:47:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0x718
Čas spuštění chybující aplikace: 0x01db40ebfaaa1b20
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: dcb6320d-223a-437d-9ae8-9026b08b08ba
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2024 05:46:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_AppXSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: appxdeploymentserver.dll, verze: 10.0.19041.5072, časové razítko: 0x559cd44d
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001fd08b
ID chybujícího procesu: 0x234
Čas spuštění chybující aplikace: 0x01db40443b176105
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\appxdeploymentserver.dll
ID zprávy: fa1ee170-a2db-4479-bab4-11ef52853ed8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/27/2024 05:48:32 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-UPBMIK4)
Description: Nelze spustit server DCOM: Microsoft.YourPhone_1.24102.96.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (11/27/2024 05:47:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AppX Deployment Service (AppXSVC) byla neočekávaně ukončena. Tento stav nastal již 7krát.

Error: (11/27/2024 05:47:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AppX Deployment Service (AppXSVC) byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (11/27/2024 05:47:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AppX Deployment Service (AppXSVC) byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (11/27/2024 05:47:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AppX Deployment Service (AppXSVC) byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (11/27/2024 05:47:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AppX Deployment Service (AppXSVC) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (11/27/2024 05:47:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AppX Deployment Service (AppXSVC) byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (11/27/2024 05:47:08 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-UPBMIK4)
Description: Nelze spustit server DCOM: Microsoft.YourPhone_1.24102.96.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca


CodeIntegrity:
===============
Date: 2024-12-02 10:38:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A01 06/13/2011
Motherboard: Dell Inc. 0M5DCD
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 47%
Total physical RAM: 8164.94 MB
Available physical RAM: 4327.24 MB
Total Virtual: 9444.94 MB
Available Virtual: 5687.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.56 GB) (Free:51.8 GB) (Model: KINGSTON SA400S37480G ATA Device) NTFS
Drive e: (Nový svazek) (Fixed) (Total:232.88 GB) (Free:100.32 GB) (Model: ST3250312AS ATA Device) NTFS
Drive f: (Moje Nehrabat) (Fixed) (Total:1862.98 GB) (Free:968.99 GB) (Model: WD Elements 2621 USB Device) NTFS

\\?\Volume{f357c740-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: F357C740)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 9523BD1D)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2024
Ran by Dafi (administrator) on DESKTOP-UPBMIK4 (Dell Inc. OptiPlex 390) (02-12-2024 10:44:26)
Running from C:\Users\Dafi\Downloads\FRST64.exe
Loaded Profiles: Dafi
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Dafi\AppData\Local\Microsoft\OneDrive\24.216.1027.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5071_none_7e3c4e707c6a2679\TiWorker.exe
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(TP-Link Technologies Co., Ltd) [File not signed] C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\TWCU.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [457848 2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794888 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [WPSTool] => C:\Users\Dafi\TP-Link Wireless Adapter WPS Tool\TWCU.exe [1891840 2018-01-30] (TP-Link Technologies Co., Ltd) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408896 2021-03-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\...\Run: [MicrosoftEdgeAutoLaunch_C2AB7B4C4369F745A9AA04A850088382] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON PGSTM 64Monitor67: C:\WINDOWS\system32\E_L12067.DLL [108032 2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\130.0.27176.93\Installer\chrmstp.exe [2024-11-12] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-24] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1422CC2C-700A-4769-93CF-83CBB408B8BD} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5230712 2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {6086E144-BCF9-4DB7-AB71-765D9AABA480} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [8207176 2024-09-18] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {4A5D261F-5D57-4072-87B9-FD21AA7E2F93} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D4C7F499-D7B8-42A5-A589-5D4015858DB1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3188472 2024-11-06] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {00E19307-126D-4B82-AD11-E8BD4D101F04} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3188472 2024-11-06] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {B4A938C7-B481-490A-A121-D9D4CE7B5086} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {CBEFE686-3DAC-4643-B9DD-00DFE14F0C20} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-3938597611-2843190907-3524625560-1001 => C:\Program Files\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-05-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {DBD3375A-86A5-4149-9D19-040294C86EF4} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6615d54d-6df3-4a67-b25a-cbbfd50f58f5" --version "6.29.11342" --silent
Task: {CA3BD46D-2AD7-49B4-8B95-17E9D61FBA88} - System32\Tasks\CCleanerSkipUAC - Dafi => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {62980A6A-33A3-4EA7-A905-E5F3A3B6F08F} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208688 2024-05-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {E3A1E706-B3CA-48F4-8C61-C31EFB7D1464} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208688 2024-05-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {9065B196-7624-445C-BBB7-7641868347D3} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{B877A1D1-D3FD-4608-8210-AD5F384F1177} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {C2752090-C0A7-4510-B97A-EF1B6A36E18C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {464E0A40-7C59-4CE1-8C88-3A56A8D61CF1} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3938597611-2843190907-3524625560-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {EC5555B4-0C54-4AFD-AD9D-3D0BB01E0226} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {F3E8E71F-3AF8-429E-8BC7-ACD548067FAE} - System32\Tasks\WpsExternal_Dafi_20241107221824 => C:\Users\Dafi\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\wpscloudsvr.exe [926080 2024-11-07] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {50FFAB70-5B72-4206-97A6-5385E095D0E3} - System32\Tasks\WpsUpdateTask_Dafi => C:\Users\Dafi\AppData\Local\Kingsoft\WPS Office\12.2.0.18911\office6\wpsupdate.exe [1652608 2024-11-07] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b1da4807-c8e5-49e8-b90a-1804c71203a4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca65ab3b-b193-419c-83c7-27bd681738f9}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dafi\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-14]
Edge Extension: (Dokumenty Google offline) - C:\Users\Dafi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Dafi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]
Edge Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\Dafi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjdgandcagmikhlbjnilkmfnjeamfikk [2024-11-04]
Edge HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [mjdgandcagmikhlbjnilkmfnjeamfikk]

FireFox:
========
FF DefaultProfile: b47qsz8l.default
FF ProfilePath: C:\Users\Dafi\AppData\Roaming\Mozilla\Firefox\Profiles\b47qsz8l.default [2024-03-17]
FF ProfilePath: C:\Users\Dafi\AppData\Roaming\Mozilla\Firefox\Profiles\6o4tg5hy.default-release [2024-11-21]
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1691.6\npCCleanerBrowserUpdate3.dll [2024-05-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1691.6\npCCleanerBrowserUpdate3.dll [2024-05-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default [2024-12-01]
CHR Notifications: Default -> hxxps://www.ceskyraj.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-27]
CHR Extension: (Custom Teamspeak 3 Display - by Frizzant) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkocffpmmelgidgjhkadhmhgfeckcpge [2020-03-29]
CHR Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdpelmjpfafjppnhbloffcjpeomlnpah [2024-11-25]
CHR Extension: (Jitsi Meetings) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglhbbefdnlheedjiejgomgmfplipfeb [2024-06-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-11-10]
CHR Profile: C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-12-02]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-12-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-02]
CHR Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdpelmjpfafjppnhbloffcjpeomlnpah [2024-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-25]
CHR Profile: C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-11-27]
CHR Notifications: Profile 2 -> hxxps://www.youtube.com
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-11-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-06]
CHR Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kdpelmjpfafjppnhbloffcjpeomlnpah [2024-11-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-04]
CHR Profile: C:\Users\Dafi\AppData\Local\Google\Chrome\User Data\System Profile [2024-12-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3938597611-2843190907-3524625560-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdpelmjpfafjppnhbloffcjpeomlnpah]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [804472 2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1250936 2024-10-10] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7276872 2024-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208688 2024-05-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\130.0.27176.93\elevation_service.exe [1880640 2024-11-06] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208688 2024-05-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4993344 2021-03-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [925152 2024-11-14] (McAfee, LLC -> McAfee, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [20528 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [229944 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [381520 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [293968 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84424 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [27744 2024-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [28752 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [274000 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [549968 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [97848 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69176 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [950328 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [1200696 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [203832 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [306744 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-03-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-03-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-02 10:44 - 2024-12-02 10:45 - 000024537 _____ C:\Users\Dafi\Downloads\FRST.txt
2024-12-02 10:43 - 2024-12-02 10:45 - 000000000 ____D C:\FRST
2024-12-02 10:43 - 2024-12-02 10:43 - 002402816 _____ (Farbar) C:\Users\Dafi\Downloads\FRST64.exe
2024-11-27 17:49 - 2024-11-27 20:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-13 20:52 - 2024-11-13 20:52 - 000000000 ___HD C:\$WinREAgent
2024-11-07 22:18 - 2024-12-01 21:19 - 000003050 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Dafi_20241107221824
2024-11-07 22:18 - 2024-12-01 21:19 - 000002622 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Dafi
2024-11-07 22:18 - 2024-11-07 22:18 - 000002441 _____ C:\Users\Dafi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office.lnk
2024-11-04 13:03 - 2024-11-04 13:04 - 038778111 _____ C:\Users\Dafi\Downloads\pani_temnot.zip
2024-11-02 17:12 - 2024-11-02 18:36 - 1800261632 _____ C:\Users\Dafi\Downloads\jOBS (2013) CZ.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-02 10:36 - 2020-02-12 11:34 - 000000000 ___RD C:\Users\Dafi\OneDrive
2024-12-01 21:20 - 2024-01-28 18:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-01 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-01 21:19 - 2024-05-30 21:13 - 000002848 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-3938597611-2843190907-3524625560-1001
2024-12-01 21:19 - 2024-05-30 21:10 - 000003092 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2024-12-01 21:19 - 2024-05-30 21:10 - 000002610 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2024-12-01 21:19 - 2024-05-30 21:09 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2024-12-01 21:19 - 2024-05-30 21:09 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2024-12-01 21:19 - 2024-01-28 19:01 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-01 21:19 - 2024-01-28 19:01 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-01 21:19 - 2024-01-28 19:01 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3938597611-2843190907-3524625560-1001
2024-12-01 21:19 - 2024-01-28 19:01 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-12-01 21:19 - 2024-01-28 19:01 - 000002954 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-12-01 21:19 - 2024-01-28 19:01 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3938597611-2843190907-3524625560-1001
2024-12-01 21:19 - 2024-01-28 19:01 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Dafi
2024-12-01 21:19 - 2024-01-28 19:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2024-12-01 21:19 - 2022-09-29 14:02 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-12-01 20:01 - 2020-05-06 19:20 - 000000000 ____D C:\Users\Dafi\AppData\Local\Avg
2024-11-28 19:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-28 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-27 20:17 - 2024-03-17 17:56 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-27 20:17 - 2024-03-17 17:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-11-27 20:17 - 2024-03-17 17:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-27 17:47 - 2024-01-28 18:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-27 17:47 - 2024-01-28 18:57 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-11-27 17:47 - 2024-01-28 15:03 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-26 20:28 - 2024-01-28 15:10 - 000002378 _____ C:\Users\Dafi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-24 20:06 - 2023-10-09 19:16 - 000000000 ____D C:\Program Files\RUXIM
2024-11-24 20:06 - 2020-02-14 13:31 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-24 20:06 - 2020-02-14 13:31 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-11-19 16:35 - 2020-05-11 19:42 - 000000000 ____D C:\Users\Dafi\AppData\Local\CrashDumps
2024-11-17 13:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-11-14 11:35 - 2020-03-19 19:04 - 000000000 ____D C:\Users\Dafi\Desktop\Obr
2024-11-14 00:14 - 2024-01-28 19:03 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-14 00:14 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-14 00:14 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-14 00:09 - 2024-01-28 19:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-14 00:09 - 2024-01-28 18:51 - 000268576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-14 00:09 - 2021-02-01 22:31 - 000008192 ___SH C:\DumpStack.log.tmp
2024-11-14 00:09 - 2020-05-18 15:23 - 000000000 ____D C:\ProgramData\NVIDIA
2024-11-14 00:09 - 2020-05-06 19:18 - 000000000 ____D C:\ProgramData\AVG
2024-11-14 00:08 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-11-14 00:07 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-14 00:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-13 21:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-13 20:59 - 2024-01-28 18:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-13 20:51 - 2020-02-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 20:48 - 2020-02-12 12:01 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-12 19:52 - 2024-05-30 21:13 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-11-12 19:52 - 2024-05-30 21:13 - 000002298 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2024-11-12 19:52 - 2024-05-30 21:09 - 000000000 ____D C:\Program Files\CCleaner Browser
2024-11-10 19:07 - 2020-02-14 14:05 - 000000000 ____D C:\Users\Dafi\AppData\Roaming\vlc
2024-11-10 16:30 - 2020-05-06 19:18 - 000000000 ____D C:\Program Files\CCleaner
2024-11-10 16:28 - 2024-03-17 17:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-11-08 12:32 - 2024-01-28 15:10 - 000000000 ____D C:\Users\Dafi
2024-11-07 22:18 - 2023-08-07 16:45 - 000002539 _____ C:\Users\Dafi\Desktop\WPS PDF.lnk
2024-11-04 16:01 - 2024-05-04 17:58 - 000000000 ___HD C:\Users\Dafi\WPS Cloud Files
2024-11-04 13:04 - 2020-04-05 19:22 - 000000000 ____D C:\Users\Dafi\AppData\LocalLow\Temp
2024-11-02 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[JaRon]

Ahoj,
prescanuj PC s Adwcleanerom

[Martin000]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-10-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.5131)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\WinThruster

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [15/08/2022 19:09:06]
AdwCleaner[S01].txt - [1466 octets] - [15/08/2022 19:10:13]
AdwCleaner[S02].txt - [1527 octets] - [15/08/2022 21:24:29]
AdwCleaner[S03].txt - [1603 octets] - [15/03/2024 21:55:01]
AdwCleaner[C03].txt - [1793 octets] - [15/03/2024 21:55:51]
AdwCleaner[S04].txt - [1756 octets] - [10/12/2024 19:01:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

[Martin000]

Ahoj. Omlouvám se za dlouhou prodlevu v komunikaci.

[JaRon]

po AV stranke to vypada byt ciste

[Martin000]

Děkuju. Dá se dělat ( kontrolovat ) ještě něco ?

[JaRon]

Mozes este prescanovat s Avptool/KVRT

[Martin000]

Zřejmě hotovo a bez nálezu. Hups už jsem dočetl celí návod a pracuju na získání logu.

[JaRon]

Log nemusis davat, pokial nic nenaslo

[Martin000]

Nedaří se z toho vydolovat log to je snad jiný program než na který je ten návod. Už to něco našlo ale nejsem schopen o tom zaslat report

[JaRon]

Staci printscreen obrazovky v casti, kde su najdene polozky

[Martin000]

Tak mi nejde vložit ani obrázek nicméně při druhém testu už KVRT nic nenašel. A to co odstranil byl generátor cd klíče pro Warcraft 3.

[JaRon]

Tak to bude ciste

[Martin000]

Super díky za vaši trpělivost. A za vaši pomoc.

[JaRon]

Rado sa stalo