
Prevention

Posted: 17 Apr 2021 11:59
by PredyP
Hello,
please check this log. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by Petr (administrator) on DESKTOP-GC5ULMC (MSI MS-7623) (17-04-2021 12:42:17)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-03-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-10-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG2200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB6.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2200 series: C:\WINDOWS\system32\CNMLMB6.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15ADD06C-9C33-4CB0-8D1D-99610CE763F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3884E5E0-5B93-4423-818C-4E92B9F83005} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498032 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {461383D0-22DC-4638-AC77-BB761E2E1DB4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D16F8EB-7A72-4638-AA13-CE8B825BD42F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {ADC199ED-ED10-4A16-B9DD-EC62F63F60E9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB0884CA-C7EC-4665-90DE-1D913D7379B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {BCF44F93-4F4E-425D-BEF4-4322E7833227} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {C2266C8D-28FB-4E73-8CF7-639634139751} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C36A1F71-08F1-492A-BC15-51A627AF3402} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
Task: {D7F9632E-9A68-416D-8F8A-1A4E81638111} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {DABCEABD-0973-4482-A8A3-73192727B790} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6AC6631-DCCA-4E46-8E29-9EE9B7ADF640} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {F1896A30-59DD-4203-AA6B-664275F59E3F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fb5d3104-e36a-4208-9b45-522c6468f566}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\Petr\Desktop
Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-17]
Edge DownloadDir: C:\Users\Petr\Desktop
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge DefaultSearchURL: Default -> hxxps://blobs.officehome.msocdn.com/versionless/webmanifestimages/OfficeDesktop_192.png
Edge Extension: (Office) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2020-09-30]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-04-16]
CHR DownloadDir: C:\Users\Petr\Desktop
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.instagram.com
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-07]
CHR Extension: (Just Black) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-10-07]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-07]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-07]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-01-19]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-03-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10359000 2021-03-26] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-09-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-09-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-31] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6436768 2021-03-25] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 VIAHdAudAddService; \SystemRoot\system32\drivers\viahduaa.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-17 12:42 - 2021-04-17 12:43 - 000019916 _____ C:\Users\Petr\Desktop\FRST.txt
2021-04-17 12:41 - 2021-04-17 12:43 - 000000000 ____D C:\FRST
2021-04-17 12:40 - 2021-04-17 12:41 - 002298368 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2021-04-15 23:01 - 2021-04-15 23:01 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 23:01 - 2021-04-15 23:01 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-15 23:01 - 2021-04-15 23:01 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-15 20:00 - 2021-04-15 20:00 - 000251740 _____ C:\Users\Petr\Desktop\PD.pdf
2021-04-14 10:22 - 2021-04-14 10:22 - 000068891 _____ C:\Users\Petr\Desktop\Rezervace očkování.pdf
2021-04-10 09:01 - 2021-04-10 09:02 - 000000000 ____D C:\AdwCleaner
2021-04-10 09:01 - 2021-04-10 09:01 - 008534696 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_8.2.exe
2021-04-09 19:03 - 2021-04-10 07:27 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2021-04-09 19:03 - 2021-04-09 19:03 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2021-04-09 19:03 - 2021-04-09 19:03 - 000000000 ____D C:\Program Files\VIA
2021-04-09 19:03 - 2012-10-22 16:44 - 002994808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\VIAPropPageExt.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 001161336 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViaKaraokeApo.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 001119352 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViaMicArrayAPO.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000683640 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\VIASysFx.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Dts2APO.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000123512 _____ (VIA Technologies,Inc.) C:\WINDOWS\system32\ViaKaraokePropPageExt.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000095352 _____ (VIA Technologies,Inc.) C:\WINDOWS\system32\ViaMicArrayPropPageExt.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000092280 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Dts2PropPageExt.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\VtSrdAPO.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000055416 _____ (TODO: <Company name>) C:\WINDOWS\system32\PropPageExt.dll
2021-04-09 19:03 - 2012-10-22 16:44 - 000027768 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\ViakaraokeSrv.exe
2021-04-09 19:03 - 2012-09-24 16:33 - 003141496 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVIA64.dll
2021-04-09 19:03 - 2012-09-24 16:32 - 002080120 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2021-04-09 19:03 - 2012-09-05 17:12 - 000860024 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2021-04-09 19:03 - 2012-07-15 13:16 - 000394104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2021-04-09 19:03 - 2012-06-28 16:54 - 000086016 _____ (QSound Labs, Inc.) C:\WINDOWS\system32\nQPropPageExt.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 007163744 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64H.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 007163744 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000433504 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64H.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000433504 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000137056 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64H.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000137056 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000120160 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64H.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000120160 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000075104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEG64H.dll
2021-04-09 19:03 - 2011-12-15 14:16 - 000075104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEG64A.dll
2021-04-09 19:03 - 2011-09-27 18:13 - 000879616 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMAPO64.DLL
2021-04-09 19:03 - 2011-09-27 18:13 - 000739328 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\VMAPO32.DLL
2021-04-09 19:03 - 2011-09-27 18:13 - 000619520 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMTHX64.DLL
2021-04-09 19:03 - 2011-09-27 18:13 - 000554496 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\VMTHX32.DLL
2021-04-09 19:03 - 2011-09-27 18:13 - 000057856 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMPPLD64.DLL
2021-04-09 19:03 - 2011-06-08 18:19 - 000083968 _____ (QSound Labs, Inc.) C:\WINDOWS\system32\nQAPO.dll
2021-04-09 19:03 - 2010-10-26 18:55 - 000074240 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMWRP64.DLL
2021-04-09 19:03 - 2010-10-26 18:54 - 000053760 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\VMPPCN64.DLL
2021-04-09 19:03 - 2009-07-31 11:40 - 000025600 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\VMfilt64.sys
2021-04-09 19:02 - 2021-04-09 19:03 - 000000000 ____D C:\Program Files (x86)\VIA
2021-04-05 13:37 - 2021-04-05 13:36 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-05 13:37 - 2021-04-05 13:36 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-25 21:24 - 2021-03-25 21:24 - 000000000 ____D C:\Users\Petr\AppData\Local\VALORANT
2021-03-25 21:24 - 2021-03-25 21:24 - 000000000 ____D C:\Users\Petr\AppData\Local\UnrealEngine
2021-03-25 20:22 - 2021-03-25 20:28 - 000257780 _____ C:\WINDOWS\ntbtlog.txt
2021-03-25 20:22 - 2021-03-25 20:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-25 20:02 - 2021-04-10 07:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-25 20:02 - 2021-03-25 20:02 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-25 19:33 - 2021-03-27 21:37 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-03-25 17:55 - 2021-03-25 18:02 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-03-24 22:38 - 2021-03-25 18:51 - 000001627 _____ C:\Users\Public\Desktop\VALORANT.lnk
2021-03-24 13:09 - 2021-03-24 13:09 - 000022448 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_5166480229826.dll
2021-03-24 12:44 - 2021-03-24 12:44 - 000000000 ____D C:\Users\Petr\Documents\My Games
2021-03-24 12:24 - 2021-03-24 12:24 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EasyAntiCheat
2021-03-24 12:24 - 2021-03-24 12:24 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2021-03-24 11:27 - 2021-03-24 11:27 - 000000222 _____ C:\Users\Petr\Desktop\Paladins.url
2021-03-23 17:01 - 2021-03-23 17:02 - 000469931 _____ C:\Users\Petr\Documents\Plná moc.pdf
2021-03-20 15:05 - 2021-04-16 20:19 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-03-18 14:50 - 2021-03-18 14:50 - 001368824 _____ C:\Users\Petr\Desktop\MZ 20-21.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-17 12:40 - 2020-09-29 21:05 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-17 12:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-17 10:41 - 2020-10-12 20:07 - 000000000 ____D C:\Program Files\CCleaner
2021-04-17 10:24 - 2020-09-29 19:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-17 09:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-17 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-17 09:32 - 2020-10-08 10:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B620A067-F333-4478-A6CC-B1B86B683051}
2021-04-17 09:32 - 2020-04-03 14:22 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-17 09:31 - 2020-09-29 21:03 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-16 23:16 - 2020-09-29 19:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-16 20:22 - 2018-06-08 08:10 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-16 12:18 - 2020-10-02 15:08 - 000000000 ____D C:\ProgramData\Riot Games
2021-04-16 11:34 - 2020-09-29 20:57 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-16 11:34 - 2020-09-29 20:57 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-16 10:45 - 2020-09-29 21:01 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-16 10:41 - 2020-09-29 20:02 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-16 10:41 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-16 10:41 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-16 10:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-16 10:34 - 2020-09-29 21:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-16 10:34 - 2020-09-29 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-16 10:34 - 2020-06-25 20:19 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-15 23:18 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-15 23:15 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-15 23:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-15 23:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-15 23:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-15 22:39 - 2020-09-29 20:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 22:36 - 2020-09-29 20:41 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-15 19:11 - 2020-09-29 20:15 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2021-04-14 07:48 - 2020-10-07 15:34 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-12 09:50 - 2020-09-29 20:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3289169553-1937731841-1937761989-1001
2021-04-12 09:50 - 2020-09-29 19:51 - 000002362 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-12 09:50 - 2018-06-07 09:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2021-04-07 16:40 - 2020-09-30 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-07 15:57 - 2020-11-22 17:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2021-04-06 18:17 - 2020-11-22 17:48 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-04-05 13:37 - 2020-09-29 21:02 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-05 13:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-05 13:36 - 2020-10-23 10:38 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-05 13:36 - 2020-09-29 21:02 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-04 09:24 - 2020-05-14 18:49 - 000002238 ____H C:\Users\Petr\Documents\Default.rdp
2021-04-04 07:52 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-04-02 22:24 - 2020-09-29 19:29 - 000440424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-02 22:21 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-02 22:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-02 22:09 - 2020-09-29 19:37 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-02 11:37 - 2021-02-26 21:33 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2021-04-01 12:01 - 2020-09-29 20:21 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2021-03-31 11:38 - 2021-03-02 12:15 - 000000000 ____D C:\Users\Petr\AppData\Local\Citrix
2021-03-25 21:05 - 2020-10-02 15:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\discord
2021-03-25 19:53 - 2020-10-16 15:45 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2021-03-25 19:53 - 2020-10-12 20:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-25 18:31 - 2020-10-02 15:18 - 000000000 ____D C:\Riot Games
2021-03-24 22:38 - 2020-10-02 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-03-24 21:57 - 2020-09-29 21:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2021-03-24 15:56 - 2020-09-29 19:51 - 000000000 ____D C:\Users\Petr
2021-03-24 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-24 12:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-24 12:21 - 2020-09-29 21:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-20 15:12 - 2020-10-02 15:08 - 000000000 ____D C:\Users\Petr\AppData\Local\Riot Games

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Petr (17-04-2021 12:46:04)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-09-29 18:12:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3289169553-1937731841-1937761989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3289169553-1937731841-1937761989-503 - Limited - Disabled)
Guest (S-1-5-21-3289169553-1937731841-1937761989-501 - Limited - Disabled)
Petr (S-1-5-21-3289169553-1937731841-1937761989-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3289169553-1937731841-1937761989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated)
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Discord (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
VALORANT (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VariCAD Viewer 2021-1.02 CZ (HKLM\...\VariCADViewer_CZ) (Version: 2021-1.02 - VariCAD s.r.o)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad]
Office -> C:\Program Files\WindowsApps\www.office.com-6A424043_1.0.0.0_neutral__hhrgrbe39qw14 [2021-03-28] (www.office.com)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-05] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\sharepoint.com -> hxxps://kbagrafitec-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\Wallpaper -> d:\petr\ovladače\img9.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C6D8BEF9-309F-475D-84EF-413F0B6F8BDA}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{55B8EBE7-EDA7-4FB3-BC13-E19B09F8FC82}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1E948168-8F27-4E81-A98A-1290AF1E15AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DB0FA376-32F5-4B6F-9081-0CE30AB85535}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{22B9B73B-FC0B-4B6B-A75D-46D71E3B73BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F72A9C3C-0C15-4A98-8557-CA4A4D8FA84F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEE1AE6D-2412-4BFB-94E9-23DD2D4B5E71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC0A25A5-2C48-456E-9E3C-0AA29D1BF48B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11E44AF9-E017-49BE-89BC-2B8A202D22B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [{758E3867-2B1E-4723-BD07-CAE59ED879C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [TCP Query User{01F3E7DD-ADB6-41E9-AFEA-6AD1BF728E3E}D:\denisa\hry\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{DEEC8326-290E-4B89-884B-7A71B856A8B6}D:\denisa\hry\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{0249CFDA-68B9-4D01-A4CB-6790486408FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RCCars\RCCars.exe (Computer Graphics Studio CREAT) [File not signed]
FirewallRules: [{F13F5722-9895-445D-A150-04CD78B6D9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RCCars\RCCars.exe (Computer Graphics Studio CREAT) [File not signed]
FirewallRules: [{4601C5C9-9161-48AE-8F61-D9C8684BD2ED}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16363E17-B077-48A8-8B0F-CD523EFAC47D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A8BD3BCA-3DB9-4388-B910-041ED569EC83}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7A93BA0-0C48-46D4-868E-A1FACCCD219D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17C1D05B-9AF3-4BF7-AC40-865C6A1B106D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B61BE41-F952-419A-B191-2861D73ACE8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34FC3482-0147-4CE8-91E7-8A47BAF3E3F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B952482E-BBAC-41D5-8169-F32351C4A80D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1FDFD9EC-24F2-42BE-AC2A-93703982C6F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{D11F8981-B382-4191-B7D1-0BB777A9828D}D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E937AA7A-0E56-46D1-9F6E-2F98ED848B27}D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{A53295C4-4919-4CB1-8671-1E9DE6D39B12}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [UDP Query User{DDDFE386-26CE-48AA-9CEF-4E334EFD22C3}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [TCP Query User{43B4CAAC-1EBD-4F9B-8263-C60C33FE7D0A}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{29B89ED9-89B9-42CB-896E-E507BE8A3BAC}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35CE8502-F883-4BEB-BF0C-C6D74CBB6218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3AF0E729-AE1E-4D0D-A38F-4098A1BF7B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{0044A0A8-320C-42F4-85C0-D511349F6338}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{69AEDED4-8D96-4C15-A08D-0503A67C73EB}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{42358730-F39B-408B-AA7C-571C4866AB81}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{799FBB0B-83CA-43C4-89A5-56F2F1B62B97}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{584A3A8D-2336-4527-96F8-9126DA631B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0E2D55EB-F872-45FE-B976-89B3649D9A97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{B181658D-EC43-40AA-81A7-E9F050250102}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E03DA6CE-CA82-407C-A756-739CFD7EEFCD}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{1333CC64-1A5B-4DE2-A5DD-810E6AE5E656}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F951A4FD-9654-4F4C-B216-608A46C55D58}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5883C4D8-D3C8-483C-98D9-779D081B5046}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{CFEC17B5-C23E-41BC-9CA9-604BB02F65EB}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5D929ECD-A73C-4DFE-BF16-4C52EFC3867F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D0D3426-9E2A-46F2-9B7D-FFCCE1CCC124}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22073611-8844-4D75-8C39-BB4420DD02CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7042D90A-49FB-44DD-8BA2-C083500E251A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F24FAC75-4CE1-4DC6-8EB0-DF168AFADE74}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B38962C5-FAD5-4EFA-A4BD-6698B58C521A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DD69B65-CB0D-4B90-9216-6ED5FE18E669}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EB56B38-9636-4D3F-80FE-F24B4ADE6FCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8D1BC181-47F5-4D80-854F-468E664FA23A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{666CF163-4C33-4EBF-8518-A49776DCAD79}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

28-03-2021 14:08:32 Instalační služba modulů systému Windows
02-04-2021 21:51:36 Instalační služba modulů systému Windows
10-04-2021 20:30:59 Naplánovaný kontrolní bod
15-04-2021 22:39:51 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Mikrofon (High Definition Audio Device)
Description: Zvukový koncový bod
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Mikrofon (Steam Streaming Microphone)
Description: Zvukový koncový bod
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Mikrofon (High Definition Audio Device)
Description: Zvukový koncový bod
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2021 10:06:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/14/2021 09:28:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/14/2021 09:28:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Uložiště (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/10/2021 07:28:47 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/10/2021 07:28:47 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/10/2021 07:25:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (04/10/2021 07:21:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (04/09/2021 08:41:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.906, časové razítko: 0x985b4154
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.844, časové razítko: 0x60a6ca36
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000025bb6
ID chybujícího procesu: 0xb78
Čas spuštění chybující aplikace: 0x01d72d6e640c1a9c
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b12496e2-7bf0-4c26-9539-ea6de280a1a1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/16/2021 03:16:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/13/2021 05:39:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/13/2021 11:30:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/13/2021 11:30:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (04/12/2021 08:27:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2021 06:47:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (04/10/2021 09:12:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/10/2021 09:12:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2021-04-17 12:41:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.3 11/15/2010
Motherboard: MSI 760GM-P33 (MS-7623)
Processor: AMD Phenom(tm) II X6 1055T Processor
Percentage of memory in use: 40%
Total physical RAM: 8191.18 MB
Available physical RAM: 4879.41 MB
Total Virtual: 9471.18 MB
Available Virtual: 5824.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.47 GB) (Free:770.42 GB) NTFS
Drive d: (Uložiště) (Fixed) (Total:1863.01 GB) (Free:422 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9b0c9b0c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{9b0c9b0c-0000-0000-0000-90c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F8F2D247)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9B0C9B0C)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=513 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Prevention

Posted: 17 Apr 2021 18:57
by Diallix
Hello.

:arrow: Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.

Re: Prevention

Posted: 17 Apr 2021 19:10
by PredyP
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-17-2021
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [10/04/2021 09:02:18]
AdwCleaner[C00].txt - [1595 octets] - [10/04/2021 09:12:26]
AdwCleaner[S01].txt - [1527 octets] - [17/04/2021 20:05:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Prevention

Posted: 17 Apr 2021 19:25
by Diallix
Copy the content below into Notepad:


HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BCF44F93-4F4E-425D-BEF4-4322E7833227} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {C2266C8D-28FB-4E73-8CF7-639634139751} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E6AC6631-DCCA-4E46-8E29-9EE9B7ADF640} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 VIAHdAudAddService; \SystemRoot\system32\drivers\viahduaa.sys [X]

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

Re: Prevention

Posted: 17 Apr 2021 19:36
by PredyP
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Petr (17-04-2021 20:30:41) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BCF44F93-4F4E-425D-BEF4-4322E7833227} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {C2266C8D-28FB-4E73-8CF7-639634139751} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E6AC6631-DCCA-4E46-8E29-9EE9B7ADF640} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 VIAHdAudAddService; \SystemRoot\system32\drivers\viahduaa.sys [X]

EmptyTemp:
*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCF44F93-4F4E-425D-BEF4-4322E7833227}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF44F93-4F4E-425D-BEF4-4322E7833227}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2266C8D-28FB-4E73-8CF7-639634139751}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2266C8D-28FB-4E73-8CF7-639634139751}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E6AC6631-DCCA-4E46-8E29-9EE9B7ADF640}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6AC6631-DCCA-4E46-8E29-9EE9B7ADF640}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\VIAHdAudAddService => removed successfully
VIAHdAudAddService => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74879036 B
Java, Flash, Steam htmlcache => 195133736 B
Windows/system/drivers => 10207813 B
Edge => 0 B
Chrome => 439182529 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 70084 B
NetworkService => 70084 B
Petr => 214876947 B

RecycleBin => 2401727967 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:31:56 ====

Re: Prevention

Posted: 17 Apr 2021 22:03
by Diallix
OK, how is the computer doing?

Re: Prevention

Posted: 17 Apr 2021 22:11
by PredyP
I didn't have a problem. Thank you for your help.
:worship: :worship: :worship:

Re: Prevention

Posted: 18 Apr 2021 05:01
by Diallix
No problem, you're welcome :]]