ok tak tady
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by rossu (01-11-2020 18:28:42)
Running from C:\Users\rossu\Desktop
Windows 10 Home Version 2004 19041.572 (X64) (2020-05-30 17:18:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4057023617-2345177252-1567271487-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4057023617-2345177252-1567271487-503 - Limited - Disabled)
Guest (S-1-5-21-4057023617-2345177252-1567271487-501 - Limited - Disabled)
rossu (S-1-5-21-4057023617-2345177252-1567271487-1001 - Administrator - Enabled) => C:\Users\rossu
WDAGUtilityAccount (S-1-5-21-4057023617-2345177252-1567271487-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1310 (HKLM-x32\...\{76A9FB3A-D7AB-4C8C-8C49-3CFDBF2D6C2D}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
1310_Help (HKLM-x32\...\{6D4553DF-2095-4D10-92C0-17934733B51D}) (Version: 82.0.58.000 - Hewlett-Packard) Hidden
1310Trb (HKLM-x32\...\{6D7E031C-4C05-4265-854A-FE9FDEA9984D}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
4K Video Downloader (HKLM\...\{94360C20-3425-4BB1-9A75-03A4E69194F8}) (Version: 4.13.0.3800 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM-x32\...\{D5045A94-1D46-44A7-9C4F-7D05B40D82EC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{2DFDE21D-AFFE-4CDD-BBD4-3B7832BEC036}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Anti-Twin (Installation 26.08.2020) (HKLM-x32\...\Anti-Twin 2020-08-26 22.14.34) (Version: - Joerg Rosenthal, Germany)
Backup and Sync from Google (HKLM\...\{86E7EC52-41D9-4573-951C-FB7AC339A251}) (Version: 3.52.3372.2621 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\50E7F7D847732396F1582CD62DD385ED7ABB0897) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\{A559093D-FCCB-1B3D-5504-74D07E48A7FB}) (Version: PRO v.5.72.7974 - 23.09.2020 - libbi)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CS3889 Atentát (HKLM-x32\...\CS3889 Atentát_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1114 - Disc Soft Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Google Chrome (HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
inPixio Photo Studio 10 (HKLM-x32\...\{EEB2D77B-37DD-4FA2-9B4D-F6724AEC95DF}) (Version: 10.0.0 - inPixio)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kingston SSD Manager version 1.1.2.6 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.6 - Kingston Digital, Inc)
LibreOffice 6.4 Help Pack (Czech) (HKLM\...\{AE983296-8590-4589-84E0-80B8C30ED803}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 7.0.1.2 (HKLM\...\{B98796CE-B0AD-498E-81E4-986FA3BB20B9}) (Version: 7.0.1.2 - The Document Foundation)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.93 - )
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
Rajče průvodce verze 1.59.52.267 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Rajče verze 2.6.2 sestavení 292 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7589 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 9.3.40.0 - 2BrightSparks)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VS Revo Group v.4.3.1 - 22.04.2020 (HKLM-x32\...\VS Revo Group v.4.3.1 - 22.04.2020) (Version: v.4.3.1 - 22.04.2020 - Libbi)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.91 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
ZPS 19 CZ v.19.2004.2.250 - 03.06.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2004.2.250 - 03.06.2020) (Version: v.19.2004.2.250 - 03.06.2020 - Libbi)
Packages:
=========
Avast Online Security -> C:\Program Files\WindowsApps\51CA791E.AvastOnlineSecurity_19.4.444.0_neutral__s1d0xtrs8dx04 [2020-11-01] (AVAST Software)
inPixio Photo Editor -> C:\Program Files\WindowsApps\AvanquestSoftware.InPixioFreePhotoEditor_9.1.0.0_x86__hrs4p72486j8p [2020-09-26] (Avanquest Software)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4057023617-2345177252-1567271487-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\rossu\AppData\Local\Google\Chrome\Application\86.0.4240.111\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4057023617-2345177252-1567271487-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\rossu\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4057023617-2345177252-1567271487-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\rossu\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\program1\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\program1\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-01-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-01-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\program1\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\program1\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Users\rossu\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) =============
2020-11-01 18:24 - 2020-11-01 18:24 - 000114176 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_ctypes.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000172544 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_elementtree.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 002250240 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_hashlib.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000032256 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_multiprocessing.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000046080 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_psutil_windows.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000047616 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_socket.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 002819584 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_ssl.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000026112 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\_yappi.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000080896 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\bz2.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000016384 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\common.time34.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000007680 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\hashobjs_ext.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000301568 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\PIL._imaging.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000168448 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\pyexpat.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 001084416 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\pysqlite2._sqlite.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000548864 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\pythoncom27.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 000137728 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\pywintypes27.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 000010752 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\select.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000020992 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\thumbnails_ext.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000689664 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\unicodedata.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000119808 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\usb_ext.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000128512 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32api.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000438784 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32com.shell.shell.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000011776 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32crypt.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000023040 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32event.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000149504 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32file.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000223232 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32gui.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000048128 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32inet.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000029696 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32pdh.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000027648 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32pipe.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000044032 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32process.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000020480 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32profile.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000136192 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32security.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000026624 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\win32ts.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000034816 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\windows.conditional.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000038400 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\windows.connectivity.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000071680 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\windows.device_monitor.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000109056 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\windows.volumes.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000020480 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\windows.winwrap.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 001325056 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wx._controls_.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 001489408 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wx._core_.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 001007104 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wx._gdi_.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000103424 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wx._html2.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 000916992 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wx._misc_.pyd
2020-11-01 18:24 - 2020-11-01 18:24 - 001039872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wx._windows_.pyd
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2020-06-23 08:16 - 2019-09-05 06:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\program1\7-Zip\7-zip.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\python27.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wxbase30u_net_vc90_x64.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wxbase30u_vc90_x64.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wxmsw30u_adv_vc90_x64.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wxmsw30u_core_vc90_x64.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wxmsw30u_html_vc90_x64.dll
2020-11-01 18:24 - 2020-11-01 18:24 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI18562\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-30] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-09-29 06:04 - 2020-09-29 06:04 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2020-01-03 19:17 - 2020-06-18 19:14 - 000000507 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-1TNCHR7.mshome.net # 2025 6 2 17 18 14 50 479
192.168.137.9 LGwebOSTV.mshome.net # 2020 6 4 25 18 14 50 479
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\rossu\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rossu\Downloads\en.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "MalTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "UnKIS"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "qBittorrent"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "Uninstall 20.084.0426.0007\amd64"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "Uninstall 20.084.0426.0007"
HKU\S-1-5-21-4057023617-2345177252-1567271487-1001\...\StartupApproved\Run: => "Delete Cached Update Binary"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FFA0076C-3A5E-4D87-A696-50757BC1FE40}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0AC1933D-8DC1-4B6D-8F12-13299B4FBF26}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [UDP Query User{5121987A-80E4-4A7A-A75E-7AEF44E4BF1F}C:\users\rossu\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\rossu\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A13112A7-CC14-4F2E-979C-B9E8312BE5BD}C:\users\rossu\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\rossu\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2F1CFE72-8D3E-46F1-B97E-E8F1E11DBC12}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{BD955DDA-9B9F-41B0-9C10-B977F4845944}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{2DBEE51B-E9A4-4683-9B07-C0F690E25751}C:\users\rossu\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\rossu\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{76EF3312-F730-49AC-B4A4-89C875566585}C:\users\rossu\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\rossu\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B991C315-22B1-417A-AB57-B9D330E1FF1E}C:\program1\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program1\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{A81B9797-F32F-4B21-9850-F54C01E7F4FD}C:\program1\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program1\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C58CE780-FD1E-4DA4-A000-16653E48E78A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9AAA7A29-68EF-4B65-B215-95D833B99EDE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2DE12EC3-6679-4F84-B705-3C7679843BAA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9458B3E8-279C-4D66-9CFC-93D07556D8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2F150F7E-D133-4A8C-BC66-8C6A4621816D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{564FB3BD-A238-444A-9B52-6904AC9FAB48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
==================== Restore Points =========================
19-10-2020 15:23:52 one drive
19-10-2020 16:08:55 JRT Pre-Junkware Removal
26-10-2020 19:44:27 Naplánovaný kontrolní bod
28-10-2020 19:54:53 cc a dlk
31-10-2020 16:29:44 sobotnik pokusy 31.10
01-11-2020 17:21:05 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/01/2020 06:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MBAMService.exe, verze: 3.2.0.927, časové razítko: 0x5f878292
Název chybujícího modulu: UpdateControllerImpl.dll, verze: 3.2.0.543, časové razítko: 0x5f89f4c2
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000048213
ID chybujícího procesu: 0x2158
Čas spuštění chybující aplikace: 0x01d6b070d2607ab0
Cesta k chybující aplikaci: C:\program1\malwarebytes\MBAMService.exe
Cesta k chybujícímu modulu: C:\PROGRAM1\MALWAREBYTES\UpdateControllerImpl.dll
ID zprávy: f64a7558-38a3-4efc-a9d5-bd659c5c4959
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/01/2020 04:35:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecHealthUI.exe, verze: 10.0.19041.423, časové razítko: 0xc09a617f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0xa40
Čas spuštění chybující aplikace: 0x01d6b064872957a2
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: dbab88e0-6ba1-41be-9d30-6a6c6a16f89e
Úplný název chybujícího balíčku: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: SecHealthUI
Error: (11/01/2020 04:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecHealthUI.exe, verze: 10.0.19041.423, časové razítko: 0xc09a617f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x1134
Čas spuštění chybující aplikace: 0x01d6b0630e9d4e5a
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 011c4621-84e7-4968-b891-e894d260e019
Úplný název chybujícího balíčku: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: SecHealthUI
Error: (11/01/2020 03:41:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecHealthUI.exe, verze: 10.0.19041.423, časové razítko: 0xc09a617f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0xca4
Čas spuštění chybující aplikace: 0x01d6b05cfb9043d9
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a1cb83dc-7c40-410a-8c63-e6f1f64cb4a4
Úplný název chybujícího balíčku: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: SecHealthUI
Error: (11/01/2020 03:40:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecHealthUI.exe, verze: 10.0.19041.423, časové razítko: 0xc09a617f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x698
Čas spuštění chybující aplikace: 0x01d6b054d8181a86
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ccf2dd89-b019-4415-826f-4ad316157142
Úplný název chybujícího balíčku: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: SecHealthUI
Error: (11/01/2020 02:39:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecHealthUI.exe, verze: 10.0.19041.423, časové razítko: 0xc09a617f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x24c4
Čas spuštění chybující aplikace: 0x01d6b0522c010b94
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3dfa7070-af86-4352-980c-ee4ef63d097b
Úplný název chybujícího balíčku: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: SecHealthUI
Error: (11/01/2020 02:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.19041.423 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 7a4
Čas spuštění: 01d6b03c66eebacd
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
ID hlášení: 3a9281e3-705c-437e-950f-9ad037b7f76c
Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: SecHealthUI
Typ zablokování: Cross-process
Error: (11/01/2020 11:47:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecHealthUI.exe, verze: 10.0.19041.423, časové razítko: 0xc09a617f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x11bc
Čas spuštění chybující aplikace: 0x01d6b03c4a0be985
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a57d4534-8b04-46c8-ab3b-87b80de0a3e8
Úplný název chybujícího balíčku: Microsoft.Windows.SecHealthUI_10.0.19041.423_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: SecHealthUI
System errors:
=============
Error: (11/01/2020 06:24:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/01/2020 06:24:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Error: (11/01/2020 06:24:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMChameleon neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/01/2020 06:03:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (11/01/2020 06:01:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/01/2020 05:59:57 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}
Error: (11/01/2020 05:58:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/01/2020 05:58:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Windows Defender:
===================================
Date: 2020-11-01 14:40:01.7520000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2E2B29F3-1097-4535-8181-470135D866EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-1TNCHR7\rossu
Date: 2020-11-01 14:13:00.0850000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AB7FD946-5FEF-42D1-B730-411A1BC92666}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-1TNCHR7\rossu
Date: 2020-10-31 22:35:07.6410000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\rossu\Downloads\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner Business 5.73.8130 Multilingual\Keymaker-CORE.rar; containerfile:_C:\Users\rossu\Downloads\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner Professional - Technician 5.73.8130 Multilingual\CCleanerPro5\Keymaker-CORE.rar; containerfile:_C:\Users\rossu\Downloads\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner Professional - Technician 5.73.8130 Multilingual\CCleanerTechnician\Keymaker-CORE.rar; containerfile:_C:\Users\rossu\Downloads\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCleaner Professional 5.73.8130 Slim Multilingual\Keymaker_CORE.rar; file:_C:\Users\rossu\Downloads\CCleaner 5.73.8130 Professional_Technician_Business_Slim\CCle
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.327.99.0, AS: 1.327.99.0, NIS: 1.327.99.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2020-10-31 21:58:04.7470000Z
Description:
Řízený přístup ke složkám zablokoval pro C:\program1\avast\wsc_proxy.exe provádění změn v paměti.
Čas detekce: 2020-10-31T20:58:04.746Z
Uživatel: DESKTOP-1TNCHR7\rossu
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\program1\avast\wsc_proxy.exe
Verze bezpečnostních informací: 1.327.99.0
Verze modulu: 1.1.17600.5
Verze produktu: 4.18.2010.4
Date: 2020-10-31 21:58:04.7360000Z
Description:
Řízený přístup ke složkám zablokoval pro C:\program1\avast\AvastSvc.exe provádění změn v paměti.
Čas detekce: 2020-10-31T20:58:04.736Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\program1\avast\AvastSvc.exe
Verze bezpečnostních informací: 1.327.99.0
Verze modulu: 1.1.17600.5
Verze produktu: 4.18.2010.4
Date: 2020-10-29 21:36:32.7070000Z
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
CodeIntegrity:
===================================
Date: 2020-11-01 18:03:03.4540000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-11-01 18:03:03.1760000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-31 22:32:07.5000000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\program1\avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-10-31 22:32:07.4610000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\program1\avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-10-31 22:32:07.4110000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\program1\avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-10-31 22:32:07.3300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\program1\avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-10-31 22:32:07.2770000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\program1\avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-10-31 22:32:07.0020000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\program1\avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.03 04/20/2015
Motherboard: Acer Tashigi_BA
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 62%
Total physical RAM: 4009.76 MB
Available physical RAM: 1511.87 MB
Total Virtual: 8105.76 MB
Available Virtual: 5003.12 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:446.5 GB) (Free:385.99 GB) NTFS
Drive d: (disk roman) (Fixed) (Total:931.5 GB) (Free:508.55 GB) NTFS
Drive h: (Verbatim HDD) (Fixed) (Total:465.76 GB) (Free:368.69 GB) NTFS
\\?\Volume{22333932-bdb1-4cdc-a0a5-1104af995f8f}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6faf45d7-9a69-41a3-a4e1-f32d1ff7af2c}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 24898A96)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A259ECD9)
Partition: GPT.
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: CCEAC4BE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================