VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prevence

https://forum.viry.cz:443/viewtopic.php?t=158247

Stránka 1 z 1

Prevence

Napsal: 07 zář 2021 14:58
od PredyP
Dobrý den,
prosím o kontrolu, moc děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-09-2021
Ran by Petr (administrator) on DESKTOP-GC5ULMC (MSI MS-7623) (07-09-2021 15:49:48)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-08-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2494576 2010-10-08] (VIA Technologies Inc. -> VIA)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-10-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5550304 2021-07-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [EpicGamesLauncher] => D:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33309664 2021-08-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\Canon MG2200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB6.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2200 series: C:\WINDOWS\system32\CNMLMB6.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3884E5E0-5B93-4423-818C-4E92B9F83005} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1553296 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DC4918D-2A53-4552-95C4-96FBC2186EC9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {6B6E7642-F076-4E59-AF13-0EDAAB50790A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {73A37A95-8408-4FFC-A607-514C75268DE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {7417FB60-C16C-4146-863D-943860691B02} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4917528 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {A3547C79-343D-4AA6-BB57-DEE27B43FA8C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB0884CA-C7EC-4665-90DE-1D913D7379B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {C87ADBC0-D410-4F31-81AF-A49780F7DA49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {D03AE78E-F770-4FB5-A856-69A598811D17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7F9632E-9A68-416D-8F8A-1A4E81638111} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {DABCEABD-0973-4482-A8A3-73192727B790} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DF954C02-66BA-4393-A8DE-CA2D5CB81E00} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2560AA6-93C1-4CB5-B964-5E6836B3E85A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 85.132.179.206 188.75.176.2
Tcpip\..\Interfaces\{fb5d3104-e36a-4208-9b45-522c6468f566}: [DhcpNameServer] 85.132.179.206 188.75.176.2

Edge:
=======
DownloadDir: C:\Users\Petr\Desktop
Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-07]
Edge DownloadDir: Default -> C:\Users\Petr\Desktop
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Office) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2020-09-30]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-08-29]
CHR DownloadDir: C:\Users\Petr\Desktop
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.instagram.com; hxxps://www.netflix.com
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-07]
CHR Extension: (Just Black) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-10-07]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-07]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-07]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-01-19]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8262736 2021-08-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [627480 2021-08-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1616664 2021-08-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [374552 2021-08-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-07-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812008 2021-08-28] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-07-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10112672 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [46736 2015-09-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-09-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-09-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8232160 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-09-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-07 15:49 - 2021-09-07 15:51 - 000020331 _____ C:\Users\Petr\Desktop\FRST.txt
2021-09-07 15:48 - 2021-09-07 15:50 - 000000000 ____D C:\FRST
2021-09-07 15:47 - 2021-09-07 15:47 - 002302976 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2021-09-07 15:41 - 2021-09-07 15:41 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc9898d7361973d41.tmp
2021-09-07 15:41 - 2021-09-07 15:40 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-31 17:11 - 2021-08-31 17:11 - 000000000 ____D C:\$WINDOWS.~BT
2021-08-31 17:10 - 2021-08-31 17:10 - 000000000 ___HD C:\$Windows.~WS
2021-08-28 22:55 - 2021-08-28 22:55 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mediatonic
2021-08-28 22:55 - 2021-08-28 22:55 - 000000000 ____D C:\Users\Petr\AppData\Local\Epic Games
2021-08-28 22:40 - 2021-08-28 22:40 - 000000223 _____ C:\Users\Petr\Desktop\Fall Guys Ultimate Knockout.url
2021-08-28 15:47 - 2021-08-28 15:47 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Unity
2021-08-28 15:47 - 2021-08-28 15:47 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\King Art Games
2021-08-28 15:45 - 2021-08-28 15:45 - 000000223 _____ C:\Users\Petr\Desktop\Zoo 2 Animal Park.url
2021-08-23 12:19 - 2021-08-23 12:19 - 000000000 ____D C:\Users\Petr\AppData\Local\DBG
2021-08-13 20:06 - 2021-08-13 20:07 - 000238622 _____ C:\WINDOWS\ntbtlog.txt
2021-08-13 12:11 - 2021-08-13 12:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 12:11 - 2021-08-13 12:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 12:11 - 2021-08-13 12:11 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 11:37 - 2021-08-13 11:37 - 000000000 ___HD C:\$WinREAgent
2021-08-11 11:01 - 2021-08-11 11:00 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-07 15:42 - 2020-10-07 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-07 15:42 - 2020-09-29 21:02 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-07 15:41 - 2021-07-15 15:50 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-07 15:41 - 2020-10-23 10:38 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-07 15:41 - 2020-09-29 21:03 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-07 15:41 - 2020-09-29 21:02 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-07 15:41 - 2020-09-29 21:02 - 000328560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys.163102213164010
2021-09-07 15:41 - 2020-09-29 21:02 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-07 15:41 - 2020-09-29 21:02 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-07 15:41 - 2020-09-29 21:02 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-07 15:41 - 2020-09-29 21:02 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-07 15:41 - 2020-09-29 21:02 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-07 15:41 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-07 15:40 - 2020-09-29 21:02 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-07 15:40 - 2020-09-29 21:02 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-07 15:40 - 2020-09-29 21:02 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-07 15:39 - 2020-10-12 20:07 - 000000000 ____D C:\Program Files\CCleaner
2021-09-07 15:38 - 2020-10-16 15:45 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2021-09-07 15:37 - 2020-10-08 10:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B620A067-F333-4478-A6CC-B1B86B683051}
2021-09-06 21:12 - 2020-09-29 21:05 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-06 21:12 - 2020-09-29 19:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-06 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-06 18:22 - 2020-09-29 19:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-06 15:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-06 15:22 - 2020-04-03 14:22 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-06 15:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-31 19:11 - 2020-09-29 20:27 - 000000000 ____D C:\WINDOWS\Panther
2021-08-31 19:11 - 2018-06-09 11:33 - 000000000 ____D C:\ESD
2021-08-29 17:31 - 2020-10-02 15:08 - 000000000 ____D C:\ProgramData\Riot Games
2021-08-29 15:10 - 2020-11-22 17:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2021-08-28 22:54 - 2021-03-24 12:24 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EasyAntiCheat
2021-08-28 21:12 - 2020-09-30 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-28 15:40 - 2020-11-23 13:23 - 000000000 ____D C:\Users\Petr\AppData\Roaming\.minecraft
2021-08-23 11:26 - 2020-09-29 20:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3289169553-1937731841-1937761989-1001
2021-08-23 11:26 - 2020-09-29 19:51 - 000002378 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-21 16:55 - 2021-03-20 15:05 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-08-21 10:55 - 2020-09-29 20:02 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-21 10:55 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-21 10:55 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-21 10:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-21 10:48 - 2020-09-29 21:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-21 10:48 - 2020-09-29 21:01 - 000000000 ____D C:\ProgramData\Avast Software
2021-08-21 10:47 - 2021-03-25 19:33 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-08-21 10:47 - 2020-09-29 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-21 10:47 - 2020-06-25 20:19 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-20 23:27 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-18 08:53 - 2020-10-07 15:34 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-15 18:15 - 2021-02-21 11:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 20:06 - 2021-03-25 20:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-08-13 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 12:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-13 11:34 - 2020-09-29 20:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 11:31 - 2020-09-29 20:57 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-13 11:31 - 2020-09-29 20:57 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-13 11:29 - 2020-09-29 20:41 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 20:09 - 2020-09-29 20:15 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2021-08-11 11:00 - 2021-07-15 15:50 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw05461625ede15590.tmp
2021-08-11 11:00 - 2021-05-28 10:49 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-11 11:00 - 2020-10-23 10:38 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw180cc6c547701703.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4c42e1c4f3600e12.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw0340871335c32e14.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswca31b341a3c814f9.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1bd0cc2dbfcbfd7a.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9bf5bc66641b152d.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw85d8c3ef37a9a53a.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw10a68302facffb50.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9ab6c8d4c34d5377.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswe3fc614e00b165a5.tmp
2021-08-11 11:00 - 2020-09-29 21:02 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf41a8792f0afe180.tmp
2021-08-09 21:13 - 2020-09-29 21:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2021-08-09 20:53 - 2020-10-12 20:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-08 23:13 - 2018-06-07 09:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2021-08-08 00:48 - 2021-07-16 18:23 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2021-08-08 00:48 - 2020-10-31 21:35 - 000002198 _____ C:\Users\Petr\Desktop\WhatsApp.lnk
2021-08-08 00:48 - 2020-10-31 21:35 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-08-08 00:48 - 2020-10-31 21:34 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2021
Ran by Petr (07-09-2021 15:53:56)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 21H1 19043.1165 (X64) (2020-09-29 18:12:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3289169553-1937731841-1937761989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3289169553-1937731841-1937761989-503 - Limited - Disabled)
Guest (S-1-5-21-3289169553-1937731841-1937761989-501 - Limited - Disabled)
Petr (S-1-5-21-3289169553-1937731841-1937761989-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3289169553-1937731841-1937761989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Discord (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Discord) (Version: 0.0.310 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.38 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
VALORANT (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VariCAD Viewer 2021-1.02 CZ (HKLM\...\VariCADViewer_CZ) (Version: 2021-1.02 - VariCAD s.r.o)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\WhatsApp) (Version: 2.2126.11 - WhatsApp)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Office -> C:\Program Files\WindowsApps\www.office.com-6A424043_1.0.0.2_neutral__hhrgrbe39qw14 [2021-05-28] (www.office.com)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0 [2021-09-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7864]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\sharepoint.com -> hxxps://kbagrafitec-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\Wallpaper -> d:\petr\ovladače\img9.jpg
DNS Servers: 85.132.179.206 - 188.75.176.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C6D8BEF9-309F-475D-84EF-413F0B6F8BDA}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{55B8EBE7-EDA7-4FB3-BC13-E19B09F8FC82}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1E948168-8F27-4E81-A98A-1290AF1E15AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DB0FA376-32F5-4B6F-9081-0CE30AB85535}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{22B9B73B-FC0B-4B6B-A75D-46D71E3B73BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEE1AE6D-2412-4BFB-94E9-23DD2D4B5E71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11E44AF9-E017-49BE-89BC-2B8A202D22B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [{758E3867-2B1E-4723-BD07-CAE59ED879C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [TCP Query User{01F3E7DD-ADB6-41E9-AFEA-6AD1BF728E3E}D:\denisa\hry\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{DEEC8326-290E-4B89-884B-7A71B856A8B6}D:\denisa\hry\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{0249CFDA-68B9-4D01-A4CB-6790486408FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RCCars\RCCars.exe (Computer Graphics Studio CREAT) [File not signed]
FirewallRules: [{F13F5722-9895-445D-A150-04CD78B6D9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RCCars\RCCars.exe (Computer Graphics Studio CREAT) [File not signed]
FirewallRules: [TCP Query User{D11F8981-B382-4191-B7D1-0BB777A9828D}D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E937AA7A-0E56-46D1-9F6E-2F98ED848B27}D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\denisa\hry\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{A53295C4-4919-4CB1-8671-1E9DE6D39B12}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [UDP Query User{DDDFE386-26CE-48AA-9CEF-4E334EFD22C3}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [TCP Query User{43B4CAAC-1EBD-4F9B-8263-C60C33FE7D0A}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{29B89ED9-89B9-42CB-896E-E507BE8A3BAC}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35CE8502-F883-4BEB-BF0C-C6D74CBB6218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3AF0E729-AE1E-4D0D-A38F-4098A1BF7B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{0044A0A8-320C-42F4-85C0-D511349F6338}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{69AEDED4-8D96-4C15-A08D-0503A67C73EB}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{42358730-F39B-408B-AA7C-571C4866AB81}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{799FBB0B-83CA-43C4-89A5-56F2F1B62B97}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{584A3A8D-2336-4527-96F8-9126DA631B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0E2D55EB-F872-45FE-B976-89B3649D9A97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{B181658D-EC43-40AA-81A7-E9F050250102}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E03DA6CE-CA82-407C-A756-739CFD7EEFCD}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{1333CC64-1A5B-4DE2-A5DD-810E6AE5E656}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F951A4FD-9654-4F4C-B216-608A46C55D58}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5883C4D8-D3C8-483C-98D9-779D081B5046}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{CFEC17B5-C23E-41BC-9CA9-604BB02F65EB}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5F2AD8CC-2351-4518-917E-A0CBF96E0F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{C1ACAB60-0CC1-4284-A9C2-C039AC1F7E84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{DCC1417A-831A-4DD9-8B20-EFC93142E873}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{64EFAD74-6D26-4B27-BA74-51A3EF8FE238}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{2E46AC9C-C6A9-46AE-B2BD-4B5C85E79940}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3AF386C9-E024-4143-A83F-6E5F88F30165}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{006F1885-CA17-48AC-BF96-9309E09D3637}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8BAFF23E-024A-430C-B363-8DC6C4157A31}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F2B32326-2463-458E-B466-EBBC5BFE4A08}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{6AAC2B51-3F9E-4889-9054-0C49B92D56B9}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{128EB5B3-B613-4A62-AFFE-2D36A3F5C13D}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{FDA535C5-44E4-4D4B-B01D-3FBA2975D20D}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{5D875870-344E-48DA-946F-E28219254D8A}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{FF32FEBD-A83D-4C59-8E41-E726F4DA67A5}] => (Allow) C:\Riot Games\League of Legends\LeagueClientUxRender.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{DEFBD468-44DE-4BFF-9212-1BD47839B2F0}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{B0C62873-3930-4F4B-9CE2-8FD59A161C9C}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{9B4E6AD9-F149-4285-A022-3A5F6C6828C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0114D954-8538-45EC-B028-D383177757DC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1C19538-C4D0-435E-86B0-194C712F3FFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CAB40BB0-051C-4897-B44E-9F2989EC918C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{050CC43E-F881-436D-9698-6B6962F5AC6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8829504B-4A73-4256-A6A9-CC00C50779DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{4BD786FA-9697-4919-8005-E4653746691F}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{2C8CEC85-E61D-4C19-BB57-F322FACB93EC}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{DFD611AA-F8FE-4081-BDB8-A91D7D858034}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{027789B2-2A0F-446D-A04D-4C219E3C943B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{708E5EAD-83ED-427A-A195-F3F180D19EE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9700ACA6-7FE8-453B-8E7C-789174DEF3DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED9D2B40-BF31-417D-A0BB-0109CDD452A3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{852DE8D9-D2B7-4E48-AC09-F7371207F662}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe () [File not signed]
FirewallRules: [{1E50F65D-310A-4DF3-8678-F75C42A8252F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe () [File not signed]
FirewallRules: [{9F9A93EB-5749-43AE-9B00-D96CDBDBBB8C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{427912AB-AEC7-480E-BB45-418E12C86739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B037B7FB-F221-43A4-A72D-A24A4BF67D71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{51227456-FC3B-4A9B-B01F-A05C2236CA78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{7524EA37-4E0A-4972-870B-18BCC1902120}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{CEE3D78E-F010-41F9-9BB2-790DEDF5C3BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C18E573C-B88F-4D8B-9445-C3E5C2C7E382}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B09E2691-FA96-4BCA-AAEC-37B41341AED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B605DA1-57B4-42E0-AD50-922F689B12D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F61B0277-0828-4012-A46D-4B893EF838D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D2EEC97-A00C-4A06-9F3A-8A4EA5F95566}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0FAF32D2-CDDC-4E79-9BA0-F41545E95440}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B113613-6CA0-4FE5-A801-107E6B50364D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD803DFE-01A8-4003-91E4-CDE2B26F5E78}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.38\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{683ED1C0-47EA-4868-A3A3-16A993F31467}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E6E16EC2-8784-4589-B8F5-E1BDEB4AF747}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

20-08-2021 19:39:12 Naplánovaný kontrolní bod
30-08-2021 14:58:18 Naplánovaný kontrolní bod
06-09-2021 17:50:13 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Mikrofon (Steam Streaming Microphone)
Description: Zvukový koncový bod
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/07/2021 03:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vgtray.exe, verze: 1.8.2.15, časové razítko: 0x611b4970
Název chybujícího modulu: vgtray.exe, verze: 1.8.2.15, časové razítko: 0x611b4970
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000701c4
ID chybujícího procesu: 0x25e0
Čas spuštění chybující aplikace: 0x01d7a3ecfa3fac81
Cesta k chybující aplikaci: C:\Program Files\Riot Vanguard\vgtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Riot Vanguard\vgtray.exe
ID zprávy: ecb570d8-a130-43a9-96c6-ab8679a97e7a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/06/2021 05:38:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/06/2021 05:38:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Uložiště (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/06/2021 03:30:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MOE.exe, verze: 0.0.0.0, časové razítko: 0x6113b431
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0x8a32a22a
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6c23
ID chybujícího procesu: 0x4c
Čas spuštění chybující aplikace: 0x01d7a32362e20814
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 39626f8f-091a-4d5f-8243-c7863ecb3aa4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/01/2021 09:29:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/01/2021 09:29:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Uložiště (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/25/2021 09:08:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/25/2021 08:51:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (09/07/2021 03:33:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby FDResPub bylo dosaženo časového limitu (30000 ms).

Error: (08/31/2021 05:34:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo časového limitu (30000 ms).

Error: (08/29/2021 09:16:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort3.

Error: (08/29/2021 09:12:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort3.

Error: (08/29/2021 08:59:20 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort3.

Error: (08/29/2021 08:50:21 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort3.

Error: (08/29/2021 08:50:20 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort3.

Error: (08/29/2021 08:50:20 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort3.


CodeIntegrity:
===============
Date: 2021-09-07 15:36:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-07 15:33:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.3 11/15/2010
Motherboard: MSI 760GM-P33 (MS-7623)
Processor: AMD Phenom(tm) II X6 1055T Processor
Percentage of memory in use: 42%
Total physical RAM: 8191.18 MB
Available physical RAM: 4717.72 MB
Total Virtual: 10253.38 MB
Available Virtual: 6334.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.47 GB) (Free:763.95 GB) NTFS
Drive d: (Uložiště) (Fixed) (Total:1863.01 GB) (Free:764.86 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9b0c9b0c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{9b0c9b0c-0000-0000-0000-90c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F8F2D247)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9B0C9B0C)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=513 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Prevence

Napsal: 07 zář 2021 18:06
od to_je_jedno
jéžiš, pardón, asi jsem otevřel špatné téma, omlouvám se

Re: Prevence

Napsal: 07 zář 2021 18:52
od Rudy
OK, omluvu přijímám, to se může stát. :)

Re: Prevence

Napsal: 08 zář 2021 13:29
od Rudy
2PredyP: Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {73A37A95-8408-4FFC-A607-514C75268DE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {C87ADBC0-D410-4F31-81AF-A49780F7DA49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Drivers\asw05461625ede15590.tmp
C:\WINDOWS\system32\Drivers\asw180cc6c547701703.tmp
C:\WINDOWS\system32\Drivers\asw4c42e1c4f3600e12.tmp
C:\WINDOWS\system32\Drivers\asw0340871335c32e14.tmp
C:\WINDOWS\system32\Drivers\aswca31b341a3c814f9.tmp
C:\WINDOWS\system32\Drivers\asw1bd0cc2dbfcbfd7a.tmp
C:\WINDOWS\system32\Drivers\asw9bf5bc66641b152d.tmp
C:\WINDOWS\system32\Drivers\asw85d8c3ef37a9a53a.tmp
C:\WINDOWS\system32\Drivers\asw10a68302facffb50.tmp
C:\WINDOWS\system32\Drivers\asw9ab6c8d4c34d5377.tmp
C:\WINDOWS\system32\Drivers\aswe3fc614e00b165a5.tmp
C:\WINDOWS\system32\Drivers\aswf41a8792f0afe180.tmp
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7864]

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prevence

Napsal: 08 zář 2021 16:39
od PredyP
Dobrý den, Rudy.

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2021
Ran by Petr (08-09-2021 17:32:14) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {73A37A95-8408-4FFC-A607-514C75268DE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
Task: {C87ADBC0-D410-4F31-81AF-A49780F7DA49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-07] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Drivers\asw05461625ede15590.tmp
C:\WINDOWS\system32\Drivers\asw180cc6c547701703.tmp
C:\WINDOWS\system32\Drivers\asw4c42e1c4f3600e12.tmp
C:\WINDOWS\system32\Drivers\asw0340871335c32e14.tmp
C:\WINDOWS\system32\Drivers\aswca31b341a3c814f9.tmp
C:\WINDOWS\system32\Drivers\asw1bd0cc2dbfcbfd7a.tmp
C:\WINDOWS\system32\Drivers\asw9bf5bc66641b152d.tmp
C:\WINDOWS\system32\Drivers\asw85d8c3ef37a9a53a.tmp
C:\WINDOWS\system32\Drivers\asw10a68302facffb50.tmp
C:\WINDOWS\system32\Drivers\asw9ab6c8d4c34d5377.tmp
C:\WINDOWS\system32\Drivers\aswe3fc614e00b165a5.tmp
C:\WINDOWS\system32\Drivers\aswf41a8792f0afe180.tmp
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7864]

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{73A37A95-8408-4FFC-A607-514C75268DE5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A37A95-8408-4FFC-A607-514C75268DE5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C87ADBC0-D410-4F31-81AF-A49780F7DA49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C87ADBC0-D410-4F31-81AF-A49780F7DA49}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\Drivers\asw05461625ede15590.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw180cc6c547701703.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw4c42e1c4f3600e12.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw0340871335c32e14.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswca31b341a3c814f9.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw1bd0cc2dbfcbfd7a.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw9bf5bc66641b152d.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw85d8c3ef37a9a53a.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw10a68302facffb50.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw9ab6c8d4c34d5377.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswe3fc614e00b165a5.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswf41a8792f0afe180.tmp => moved successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 224804036 B
Java, Flash, Steam htmlcache => 451592936 B
Windows/system/drivers => 7231537 B
Edge => 0 B
Chrome => 396871244 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18682 B
NetworkService => 18682 B
Petr => 11862842 B

RecycleBin => 25270332 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-09-2021 17:36:06)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:36:06 ====

Re: Prevence

Napsal: 08 zář 2021 16:48
od Rudy
Smazáno, log by již měl být OK.

Re: Prevence

Napsal: 08 zář 2021 16:55
od PredyP
Moc vám děkuji za pomoc, a zase někdy.
:worship: :worship: :worship:

Re: Prevence

Napsal: 08 zář 2021 17:51
od Rudy
Rádo se stalo a mějte se! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz