R3.o.lencr.org
Napsal: 31 říj 2021 14:09
Dobré odpoledne,
dceřin ntbk hlásí časté návštěvy (resp. Norton Family hlásí, 24x za poslední týden, bez jejího vědomí) stránky r3.o.lencr.org. Na netu jsem našel, že by mohlo jít o hijack browseru. Používá Firefox, občas Edge. Zkoušel jsem ADW cleaner, MBAM, ntbk je chráněn Nortonem, nic z toho nic nenašlo. Údajně by si s tím mohl poradit Spy Hunter 5, ale ten se nedá nainstalovat ani v safe modu. Což mi přijde taky podezřelé...
Přikládám logy z FRST a prosím o jejich kontrolu a případnou radu.
Děkuju, Chrudoš
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2021
Ran by Lucka (administrator) on LAPTOP-B2CDN2AA (ASUSTeK COMPUTER INC. VivoBook_ASUS Laptop X509UB) (31-10-2021 14:00:25)
Running from C:\Users\Lucka\Downloads
Loaded Profiles: Lucka
: Microsoft Windows 10 Home Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(Discord Inc. -> Discord Inc.) C:\Users\Lucka\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2a136cee25b9cb8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2a136cee25b9cb8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lucka\AppData\Local\Microsoft\OneDrive\21.205.1003.0003\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Family\Engine\3.8.6.29\NF.exe <2>
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Family\Engine\3.8.6.29\coNatHstNF.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Family\Engine\3.8.6.29\TampMon.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Run: [Discord] => C:\Users\Lucka\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Run: [MicrosoftEdgeAutoLaunch_7BD6CF863E37C29BF958628729CE57AB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-22] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {078AEC36-FA36-4457-8998-3FC399D7C0CE} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusHotkeyExec.exe [233616 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {0A495036-E57D-48F1-91D1-3093DB5C8CA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {19A29EBE-84A2-4B5A-B8B7-997D40A77190} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2553472 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {1C61F4F3-019D-4FFD-9498-8E1230D703F2} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {2DBFF4ED-512F-4B39-B61E-1082662D4794} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {45E5AF9A-C640-459A-9913-4AEB4AFF2477} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {48C92E70-7E16-4F75-AAB4-7356A3B0E35D} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {4D9AF559-5F04-4436-A7EF-4A65C681BE3B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4FAC27E5-E333-41E1-98D8-649B498195D8} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {57E16399-EFBF-470E-A470-2DFF03E27A91} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.9.25\WSCStub.exe [646520 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6031EE4D-446B-430F-AE3F-955A5DEF6E0A} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {655812C2-E625-4498-87C1-4849AD3B784B} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6BB5E176-4675-4A36-8059-D406AB54A267} - System32\Tasks\CCleanerSkipUAC - Lucka => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {702EC0DC-CFED-4FD7-ADFC-6BFEBF952F2D} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusUpdateChecker.exe [771208 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {716F59F1-AABF-4593-A300-6B2CDD29532A} - System32\Tasks\Norton Family\Norton Family Error Analyzer => C:\Program Files\Norton Family\Engine\3.8.6.29\SymErr.exe [108752 2021-07-12] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {746FBFC4-4B24-425C-912A-2715DAB9CE03} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1063712 2020-02-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {79AA0695-494B-4B0D-9196-6259B649D0D5} - System32\Tasks\Norton Family\Norton Family Autofix => C:\Program Files\Norton Family\Engine\3.8.6.29\SymErr.exe [108752 2021-07-12] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {7BDD36C9-7300-42CC-B33F-FB1AD4B5D270} - System32\Tasks\Norton Family\Norton Family Error Processor => C:\Program Files\Norton Family\Engine\3.8.6.29\SymErr.exe [108752 2021-07-12] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {88B33DDE-A3CB-4255-A18F-E88FBCB6D892} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {8E9D53F5-2E4F-4A77-9F2B-70EF1109F36D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-03] (Google LLC -> Google LLC)
Task: {9181145C-C16F-4561-944C-16749E8544DD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {93D54E77-5950-40AB-8D9B-6CCE47744D8E} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E1F86A1D-8720-4841-9D78-DCFFCEB3B20F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-03] (Google LLC -> Google LLC)
Task: {EEDCD114-15DC-4228-B0CC-A4337E61F9AD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {FB5C11F1-AACF-4DDC-8BCA-102A710C4663} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45edbf9b-4c82-4f43-8318-5a28e971a34b}: [DhcpNameServer] 40.53.1.11
Tcpip\..\Interfaces\{fd30de23-f4c4-4338-939e-f1399a64d8a5}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lucka\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-31]
Edge Extension: (Norton™ Family) - C:\Users\Lucka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\afajehnfndilpkgfkpmedpepalbalnkm [2021-09-29]
Edge Extension: (Norton Safe Web) - C:\Users\Lucka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-10-21]
Edge HKLM\...\Edge\Extension: [afajehnfndilpkgfkpmedpepalbalnkm] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Edge.crx [2021-09-14]
Edge HKLM-x32\...\Edge\Extension: [afajehnfndilpkgfkpmedpepalbalnkm] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Edge.crx [2021-09-14]
FireFox:
========
FF DefaultProfile: ozqedfs8.default
FF ProfilePath: C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\ozqedfs8.default [2020-10-25]
FF ProfilePath: C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release [2021-10-31]
FF Notifications: Mozilla\Firefox\Profiles\rje3xk12.default-release -> hxxps//meet.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (Norton Safe Search) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2021-08-28] [UpdateUrl:hxxps//static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\nortonsafeweb@symantec.com.xpi [2021-08-26]
FF Extension: (Norton™ Family) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi [2021-09-09]
FF HKLM\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\Program Files\Norton Family\Engine\3.8.6.29\Exts\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi
FF Extension: (Norton™ Family) - C:\Program Files\Norton Family\Engine\3.8.6.29\Exts\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi [2021-08-25]
FF HKLM-x32\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\Program Files\Norton Family\Engine\3.8.6.29\Exts\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default [2021-10-31]
CHR DefaultSearchURL: Default -> hxxps//searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps//ss-sym.search.ask.com/ss?limit=10&li=ff&hl=cs&q={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-03]
CHR Extension: (Tabulky) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-03]
CHR Extension: (Norton Safe Web) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-03]
CHR Extension: (Norton Safe) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2021-06-18]
CHR Extension: (Norton™ Family) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2021-06-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-03]
CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Chrome.crx [2021-09-14]
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Chrome.crx [2021-09-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe [364688 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe [1307792 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe [753808 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe [334464 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe [1012872 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2553472 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [612760 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe [343336 2021-09-29] (NortonLifeLock Inc. -> Broadcom)
R2 NSM; C:\Program Files\Norton Family\Engine\3.8.6.29\NF.exe [202976 2021-09-02] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe [1058664 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 TampMon; C:\Program Files\Norton Family\Engine\3.8.6.29\TampMon.exe [79584 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S3 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\ASUSSAIO.sys [35968 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\atkwmiacpi64.sys [44200 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\BASHDefs\20211027.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\ccSetx64.sys [192256 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NSM; C:\WINDOWS\System32\drivers\NSMx64\0308060.01D\ccSetx64.sys [192248 2021-05-07] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-10-18] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-01-29] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\IPSDefs\20211029.061\IDSvia64.sys [1480144 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\nsvst.sys [56080 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SRTSP64.SYS [892600 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SRTSPX64.SYS [48832 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SYMEFASI64.SYS [2059952 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SymELAM.sys [31976 2021-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.39\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\Ironx64.SYS [319176 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\symnets.sys [575344 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\WINDOWS\System32\drivers\NSMx64\0308060.01D\symrdrs.sys [249696 2021-05-07] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\wpCtrlDrv.sys [1015760 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-31 13:42 - 2021-10-31 13:43 - 000034529 _____ C:\Users\Lucka\Downloads\Addition.txt
2021-10-31 13:40 - 2021-10-31 14:01 - 000027652 _____ C:\Users\Lucka\Downloads\FRST.txt
2021-10-31 13:40 - 2021-10-31 14:00 - 000000000 ____D C:\FRST
2021-10-31 13:39 - 2021-10-31 13:39 - 002310656 _____ (Farbar) C:\Users\Lucka\Downloads\FRST64.exe
2021-10-31 13:37 - 2021-10-31 13:38 - 000000000 ____D C:\AdwCleaner
2021-10-31 13:37 - 2021-10-31 13:37 - 008553680 _____ (Malwarebytes) C:\Users\Lucka\Downloads\adwcleaner_8.3.0.exe
2021-10-31 13:27 - 2021-10-31 13:27 - 007746848 _____ (EnigmaSoft Limited) C:\Users\Lucka\Downloads\SpyHunter-5.11-6-5285-Installer(1).exe
2021-10-31 13:21 - 2021-10-31 13:32 - 000422670 _____ C:\WINDOWS\ntbtlog.txt
2021-10-31 13:21 - 2021-10-31 13:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-10-31 13:01 - 2021-10-31 13:37 - 000000000 ____D C:\Program Files\CCleaner
2021-10-31 13:01 - 2021-10-31 13:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-31 13:01 - 2021-10-31 13:01 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Lucka
2021-10-31 13:01 - 2021-10-31 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-10-31 12:55 - 2021-10-31 12:56 - 036235064 _____ (Piriform Software Ltd) C:\Users\Lucka\Downloads\ccsetup586.exe
2021-10-31 12:48 - 2021-10-31 12:48 - 000000000 ____D C:\Users\Lucka\AppData\Local\mbam
2021-10-31 12:46 - 2021-10-31 12:46 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-31 12:45 - 2021-10-31 12:45 - 002101944 _____ (Malwarebytes) C:\Users\Lucka\Downloads\MBSetup-119967.119967-consumer.exe
2021-10-31 12:31 - 2021-10-31 12:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-10-31 12:30 - 2021-10-31 12:30 - 007746848 _____ (EnigmaSoft Limited) C:\Users\Lucka\Downloads\SpyHunter-5.11-6-5285-Installer.exe
2021-10-29 17:41 - 2021-10-31 13:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security with Backup
2021-10-21 15:00 - 2021-10-21 15:01 - 060394967 _____ C:\Users\Lucka\Downloads\20211021_153153.mp4
2021-10-19 06:59 - 2021-05-28 13:08 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001192736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 001163552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000690456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-19 06:59 - 2021-05-28 13:05 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000556832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000546072 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 000445232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-19 06:59 - 2021-05-28 13:03 - 008306480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-19 06:59 - 2021-05-28 13:03 - 007429904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-19 06:59 - 2021-05-28 13:03 - 004610328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-19 06:59 - 2021-05-28 13:03 - 002729752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-19 06:59 - 2021-05-28 13:02 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-19 06:59 - 2021-05-28 13:01 - 006076536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-19 06:59 - 2021-05-28 12:30 - 000084514 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-19 06:52 - 2021-10-27 16:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-18 18:18 - 2021-10-18 18:18 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-18 18:17 - 2021-10-18 18:17 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-18 18:17 - 2021-10-18 18:17 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-18 18:17 - 2021-10-18 18:17 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-18 18:17 - 2021-10-18 18:17 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-18 18:17 - 2021-10-18 18:17 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-18 18:17 - 2021-10-18 18:17 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-18 18:17 - 2021-10-18 18:17 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-18 18:17 - 2021-10-18 18:17 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-18 18:17 - 2021-10-18 18:17 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-18 18:17 - 2021-10-18 18:17 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-18 18:16 - 2021-10-18 18:16 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-18 18:16 - 2021-10-18 18:16 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-18 18:07 - 2021-10-18 18:07 - 000000000 ___HD C:\$WinREAgent
2021-10-18 17:57 - 2021-10-21 18:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-08 18:18 - 2021-10-29 17:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-10-08 18:18 - 2021-10-29 16:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-10-08 18:18 - 2021-10-08 18:18 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-31 13:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-31 13:42 - 2021-04-02 11:03 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-31 13:42 - 2021-04-02 11:00 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-10-31 13:42 - 2019-12-07 15:41 - 000684862 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-31 13:42 - 2019-12-07 15:41 - 000137626 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-31 13:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-31 13:40 - 2021-09-14 15:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Family
2021-10-31 13:38 - 2021-06-03 15:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-31 13:37 - 2021-07-19 19:01 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\discord
2021-10-31 13:37 - 2021-07-19 19:01 - 000000000 ____D C:\Users\Lucka\AppData\Local\Discord
2021-10-31 13:37 - 2020-10-25 16:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-31 13:36 - 2020-10-26 07:04 - 000000000 ___RD C:\Users\Lucka\OneDrive
2021-10-31 13:36 - 2020-10-25 16:18 - 000000000 ____D C:\Users\Lucka\AppData\LocalLow\Mozilla
2021-10-31 13:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-31 13:35 - 2021-04-02 11:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-31 13:35 - 2021-04-02 10:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-31 13:35 - 2020-10-26 07:01 - 000000000 __SHD C:\Users\Lucka\IntelGraphicsProfiles
2021-10-31 13:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-31 13:35 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-31 13:35 - 2019-11-22 01:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-31 13:23 - 2020-11-25 18:49 - 000000000 ____D C:\Users\Lucka\AppData\Local\ElevatedDiagnostics
2021-10-31 13:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-31 13:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-31 13:16 - 2019-12-07 10:03 - 000016384 _____ C:\WINDOWS\system32\config\ELAM
2021-10-31 12:31 - 2020-11-06 08:34 - 000000000 ____D C:\Program Files\Common Files\AV
2021-10-31 11:20 - 2021-03-23 14:19 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\.minecraft
2021-10-31 11:19 - 2021-03-23 14:21 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\.tlauncher
2021-10-31 10:46 - 2020-11-09 07:57 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-30 18:31 - 2021-04-02 10:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-29 16:27 - 2020-10-26 07:01 - 000000000 ____D C:\Users\Lucka\AppData\Local\Packages
2021-10-29 11:17 - 2021-04-02 11:00 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2626799547-1119966308-3382805429-1001
2021-10-29 11:17 - 2021-04-01 09:44 - 000002383 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-27 17:25 - 2021-04-01 09:44 - 000000000 ____D C:\Users\Lucka
2021-10-26 12:33 - 2019-11-22 00:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-25 13:42 - 2020-11-05 07:53 - 000000000 ____D C:\Users\Lucka\AppData\Local\CrashDumps
2021-10-22 11:21 - 2021-06-03 15:51 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-21 18:45 - 2020-10-25 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-21 08:16 - 2020-10-26 07:01 - 000000000 ____D C:\Users\Lucka\AppData\Local\ConnectedDevicesPlatform
2021-10-21 07:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-19 06:52 - 2020-10-25 16:18 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-18 19:49 - 2021-04-02 10:54 - 000436256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-18 18:07 - 2019-07-12 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-18 18:06 - 2020-10-25 15:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-18 17:48 - 2020-10-25 15:42 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-11 15:51 - 2020-10-25 15:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-09 17:59 - 2021-04-08 07:00 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d727a6c3263834
2021-10-09 17:59 - 2021-04-02 11:00 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-08 18:18 - 2020-10-26 16:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2021-10-01 15:15 - 2021-06-03 15:51 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 15:15 - 2021-06-03 15:51 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by Lucka (31-10-2021 14:01:53)
Running from C:\Users\Lucka\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1288 (X64) (2021-04-02 10:01:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2626799547-1119966308-3382805429-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2626799547-1119966308-3382805429-503 - Limited - Disabled)
Guest (S-1-5-21-2626799547-1119966308-3382805429-501 - Limited - Disabled)
Lucka (S-1-5-21-2626799547-1119966308-3382805429-1001 - Administrator - Enabled) => C:\Users\Lucka
WDAGUtilityAccount (S-1-5-21-2626799547-1119966308-3382805429-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.17.5 - ICEpower a/s)
CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform)
Discord (HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.48 - PandoraTV)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26405 (HKLM-x32\...\{5b295ba9-ef89-4aeb-8acc-b61adb0b9b5f}) (Version: 14.14.26405.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 93.0 (x64 cs)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0 - Mozilla)
Norton Family (HKLM-x32\...\NSM) (Version: 3.8.6.29 - NortonLifeLock Inc.)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.9.25 - NortonLifeLock Inc)
NVIDIA Ovladače grafiky 462.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.59 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)
Packages:
=========
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2021-10-30] (ICEpower)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-31] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-09-03] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2019-07-12] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy [2021-10-30] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
Music Maker Windows Store Edition -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MusicMakerWindowsStoreEdition_26.36.1.0_x86__awcgk3qbzve1y [2021-02-27] (MAGIX Software GmbH)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.25.0_x64__qmba6cd70vzyy [2021-10-29] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-30] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.8.204.0_x64__dt26b99r8h8gj [2021-08-09] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.500.373.0_x86__55nm5eh3cm0pr [2021-10-30] (ROBLOX Corporation)
SpongeBob: Krusty Cook-Off -> C:\Program Files\WindowsApps\TiltingPoint.SpongeBobKrustyCook-Off_1.26.234.0_x64__85kh3h6wfjavg [2021-07-18] (Tilting Point)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2140.12.0_x64__cv1g1gvanyjgm [2021-10-27] (WhatsApp Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2021-01-03] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\nvshext.dll [2021-05-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//asus17win10.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files\Norton Family\Engine\3.8.6.29\coIEPlg.dll [2021-07-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files\Norton Family\Engine32\3.8.6.29\coIEPlg.dll [2021-07-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucka\Downloads\Snímek obrazovky 2021-05-13 172309.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FB1BD23F-CF34-4A18-997A-A8937E615F86}C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C716E17D-8652-4F69-B3DA-CC11CC339E22}C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EC09D84-53CB-479F-9028-25C8D968D536}] => (Allow) C:\HRY\ZOO TYCOON 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{107570A2-9EE4-4407-9E6E-02471C62C076}] => (Allow) C:\HRY\ZOO TYCOON 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{37696575-DC17-4869-A571-50977CE31175}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6D7D21D6-4C92-4C6A-9AA8-E14F2214F9A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1733919B-8986-4945-BD41-65DD0DD0DFC4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{F655B786-501B-4D9B-A53F-E1972EA9F8F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{642C2092-8E61-418B-BBAF-5BC1C5BEA856}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AACFE7E-BAC7-4209-99D8-BE7A2F2590A6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{63F4DFF9-633A-485B-9697-03B2636B3761}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48127876-CA36-44DF-9AAA-409CF1B78BFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A27FF16E-65BF-4141-8E2E-0EADB3693E5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{27FE9980-F4E0-44B4-8289-0867163A5A5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18CDCAFC-C98F-4A01-B995-5D8CCA893672}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4F5C023-D4CE-44BE-ACCF-E75CA9098E4B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{72DE2A40-1003-4433-BDC2-225B56C94DFF}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{B9A2166C-6A98-4A09-9319-1DBD1A6F96AA}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
18-10-2021 18:07:03 Instalační služba modulů systému Windows
21-10-2021 07:00:56 Instalační služba modulů systému Windows
28-10-2021 10:53:53 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/31/2021 01:47:19 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (10/31/2021 12:22:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.57, časové razítko: 0x6066105d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1288, časové razítko: 0xa280d1d6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff199
ID chybujícího procesu: 0x2b44
Čas spuštění chybující aplikace: 0x01d7ce496c55894c
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 06fb2694-7ab2-4310-835a-9a29ecf8726a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/31/2021 12:21:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.40 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2b9c
Čas spuštění: 01d7ce496e5e4d3b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\identity_helper.exe
ID hlášení: 7f6e35ca-42df-4b6c-a3d9-e8d4fa0cd580
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.38_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/30/2021 06:46:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.38 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 620
Čas spuštění: 01d7cdb6002f972c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.38\identity_helper.exe
ID hlášení: b04b6e05-31ec-442e-b8a7-03355aaa6612
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.30_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/25/2021 01:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Windows10Universal.exe, verze: 0.0.0.0, časové razítko: 0x0b0810b5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x82dc99a2
Kód výjimky: 0xc0000005
Posun chyby: 0x0005fc8e
ID chybujícího procesu: 0x2f0c
Čas spuštění chybující aplikace: 0x01d7c9925b85421f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr\Windows10Universal.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: de2f5cfe-57ef-402a-8f96-85befca29471
Úplný název chybujícího balíčku: ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr
ID aplikace související s chybujícím balíčkem: App
Error: (10/24/2021 08:58:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.30 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 29c8
Čas spuštění: 01d7c8ace381af9e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.30\identity_helper.exe
ID hlášení: 76627f4c-6909-4150-84a7-9ef9484efc3b
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_94.0.992.50_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/22/2021 11:53:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.721.9022.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1dac
Čas spuštění: 01d7c7319bd88974
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
ID hlášení: c1391b62-1656-4778-9885-65248e65bb07
Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Navigation
Error: (10/22/2021 07:58:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Windows10Universal.exe, verze: 0.0.0.0, časové razítko: 0x0b0810b5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x82dc99a2
Kód výjimky: 0xc0000005
Posun chyby: 0x0005fc8e
ID chybujícího procesu: 0xdac
Čas spuštění chybující aplikace: 0x01d7c710f03bf974
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr\Windows10Universal.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 367327eb-ac85-4143-84c7-a200f5b2ad6f
Úplný název chybujícího balíčku: ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (10/31/2021 01:35:27 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (10/31/2021 01:35:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (10/31/2021 01:33:26 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (10/31/2021 01:33:17 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby LicenseManager s argumenty Není k dispozici za účelem spuštění serveru:
{22F5B1DF-7D7A-4D21-97F8-C21AEFBA859C}
Error: (10/31/2021 01:33:14 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (10/31/2021 01:33:10 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (10/31/2021 01:33:10 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (10/31/2021 01:33:10 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
CodeIntegrity:
===============
Date: 2021-10-31 13:47:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.9.25\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-10-31 13:47:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.9.25\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X509UB.303 01/10/2020
Motherboard: ASUSTeK COMPUTER INC. X509UB
Processor: Intel(R) Core(TM) i3-7020U CPU @ 2.30GHz
Percentage of memory in use: 63%
Total physical RAM: 8074.01 MB
Available physical RAM: 2911.82 MB
Total Virtual: 15498.01 MB
Available Virtual: 8958.92 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:476.03 GB) (Free:364.62 GB) NTFS
\\?\Volume{0416bb98-0a94-4073-9874-6a3678a6d6a5}\ (RECOVERY) (Fixed) (Total:0.63 GB) (Free:0.16 GB) NTFS
\\?\Volume{dc4866a8-d3ee-4bf1-a953-2bffa1387d76}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: E05B109B)
Partition: GPT.
==================== End of Addition.txt =======================
dceřin ntbk hlásí časté návštěvy (resp. Norton Family hlásí, 24x za poslední týden, bez jejího vědomí) stránky r3.o.lencr.org. Na netu jsem našel, že by mohlo jít o hijack browseru. Používá Firefox, občas Edge. Zkoušel jsem ADW cleaner, MBAM, ntbk je chráněn Nortonem, nic z toho nic nenašlo. Údajně by si s tím mohl poradit Spy Hunter 5, ale ten se nedá nainstalovat ani v safe modu. Což mi přijde taky podezřelé...
Přikládám logy z FRST a prosím o jejich kontrolu a případnou radu.
Děkuju, Chrudoš
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2021
Ran by Lucka (administrator) on LAPTOP-B2CDN2AA (ASUSTeK COMPUTER INC. VivoBook_ASUS Laptop X509UB) (31-10-2021 14:00:25)
Running from C:\Users\Lucka\Downloads
Loaded Profiles: Lucka
: Microsoft Windows 10 Home Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(Discord Inc. -> Discord Inc.) C:\Users\Lucka\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2a136cee25b9cb8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2a136cee25b9cb8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lucka\AppData\Local\Microsoft\OneDrive\21.205.1003.0003\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Family\Engine\3.8.6.29\NF.exe <2>
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Family\Engine\3.8.6.29\coNatHstNF.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Family\Engine\3.8.6.29\TampMon.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Run: [Discord] => C:\Users\Lucka\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Run: [MicrosoftEdgeAutoLaunch_7BD6CF863E37C29BF958628729CE57AB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-22] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {078AEC36-FA36-4457-8998-3FC399D7C0CE} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusHotkeyExec.exe [233616 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {0A495036-E57D-48F1-91D1-3093DB5C8CA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {19A29EBE-84A2-4B5A-B8B7-997D40A77190} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2553472 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {1C61F4F3-019D-4FFD-9498-8E1230D703F2} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {2DBFF4ED-512F-4B39-B61E-1082662D4794} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {45E5AF9A-C640-459A-9913-4AEB4AFF2477} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {48C92E70-7E16-4F75-AAB4-7356A3B0E35D} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {4D9AF559-5F04-4436-A7EF-4A65C681BE3B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4FAC27E5-E333-41E1-98D8-649B498195D8} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {57E16399-EFBF-470E-A470-2DFF03E27A91} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.9.25\WSCStub.exe [646520 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6031EE4D-446B-430F-AE3F-955A5DEF6E0A} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {655812C2-E625-4498-87C1-4849AD3B784B} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6BB5E176-4675-4A36-8059-D406AB54A267} - System32\Tasks\CCleanerSkipUAC - Lucka => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {702EC0DC-CFED-4FD7-ADFC-6BFEBF952F2D} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusUpdateChecker.exe [771208 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {716F59F1-AABF-4593-A300-6B2CDD29532A} - System32\Tasks\Norton Family\Norton Family Error Analyzer => C:\Program Files\Norton Family\Engine\3.8.6.29\SymErr.exe [108752 2021-07-12] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {746FBFC4-4B24-425C-912A-2715DAB9CE03} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1063712 2020-02-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {79AA0695-494B-4B0D-9196-6259B649D0D5} - System32\Tasks\Norton Family\Norton Family Autofix => C:\Program Files\Norton Family\Engine\3.8.6.29\SymErr.exe [108752 2021-07-12] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {7BDD36C9-7300-42CC-B33F-FB1AD4B5D270} - System32\Tasks\Norton Family\Norton Family Error Processor => C:\Program Files\Norton Family\Engine\3.8.6.29\SymErr.exe [108752 2021-07-12] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {88B33DDE-A3CB-4255-A18F-E88FBCB6D892} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {8E9D53F5-2E4F-4A77-9F2B-70EF1109F36D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-03] (Google LLC -> Google LLC)
Task: {9181145C-C16F-4561-944C-16749E8544DD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {93D54E77-5950-40AB-8D9B-6CCE47744D8E} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E1F86A1D-8720-4841-9D78-DCFFCEB3B20F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-03] (Google LLC -> Google LLC)
Task: {EEDCD114-15DC-4228-B0CC-A4337E61F9AD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {FB5C11F1-AACF-4DDC-8BCA-102A710C4663} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45edbf9b-4c82-4f43-8318-5a28e971a34b}: [DhcpNameServer] 40.53.1.11
Tcpip\..\Interfaces\{fd30de23-f4c4-4338-939e-f1399a64d8a5}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lucka\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-31]
Edge Extension: (Norton™ Family) - C:\Users\Lucka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\afajehnfndilpkgfkpmedpepalbalnkm [2021-09-29]
Edge Extension: (Norton Safe Web) - C:\Users\Lucka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-10-21]
Edge HKLM\...\Edge\Extension: [afajehnfndilpkgfkpmedpepalbalnkm] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Edge.crx [2021-09-14]
Edge HKLM-x32\...\Edge\Extension: [afajehnfndilpkgfkpmedpepalbalnkm] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Edge.crx [2021-09-14]
FireFox:
========
FF DefaultProfile: ozqedfs8.default
FF ProfilePath: C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\ozqedfs8.default [2020-10-25]
FF ProfilePath: C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release [2021-10-31]
FF Notifications: Mozilla\Firefox\Profiles\rje3xk12.default-release -> hxxps//meet.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (Norton Safe Search) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2021-08-28] [UpdateUrl:hxxps//static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\nortonsafeweb@symantec.com.xpi [2021-08-26]
FF Extension: (Norton™ Family) - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\rje3xk12.default-release\Extensions\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi [2021-09-09]
FF HKLM\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\Program Files\Norton Family\Engine\3.8.6.29\Exts\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi
FF Extension: (Norton™ Family) - C:\Program Files\Norton Family\Engine\3.8.6.29\Exts\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi [2021-08-25]
FF HKLM-x32\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\Program Files\Norton Family\Engine\3.8.6.29\Exts\{8A0D66E3-1C08-49A6-8F6C-7E024029D199}.xpi
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default [2021-10-31]
CHR DefaultSearchURL: Default -> hxxps//searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps//ss-sym.search.ask.com/ss?limit=10&li=ff&hl=cs&q={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-03]
CHR Extension: (Tabulky) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-03]
CHR Extension: (Norton Safe Web) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-03]
CHR Extension: (Norton Safe) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2021-06-18]
CHR Extension: (Norton™ Family) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2021-06-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-03]
CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Chrome.crx [2021-09-14]
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files\Norton Family\Engine\3.8.6.29\Extensions\Chrome.crx [2021-09-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe [364688 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe [1307792 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe [753808 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe [334464 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe [1012872 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2553472 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [612760 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe [343336 2021-09-29] (NortonLifeLock Inc. -> Broadcom)
R2 NSM; C:\Program Files\Norton Family\Engine\3.8.6.29\NF.exe [202976 2021-09-02] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe [1058664 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 TampMon; C:\Program Files\Norton Family\Engine\3.8.6.29\TampMon.exe [79584 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S3 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\ASUSSAIO.sys [35968 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\atkwmiacpi64.sys [44200 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\BASHDefs\20211027.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\ccSetx64.sys [192256 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NSM; C:\WINDOWS\System32\drivers\NSMx64\0308060.01D\ccSetx64.sys [192248 2021-05-07] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-10-18] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-01-29] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\IPSDefs\20211029.061\IDSvia64.sys [1480144 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\nsvst.sys [56080 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SRTSP64.SYS [892600 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SRTSPX64.SYS [48832 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SYMEFASI64.SYS [2059952 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\SymELAM.sys [31976 2021-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.39\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\Ironx64.SYS [319176 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\symnets.sys [575344 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\WINDOWS\System32\drivers\NSMx64\0308060.01D\symrdrs.sys [249696 2021-05-07] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615090.019\wpCtrlDrv.sys [1015760 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-31 13:42 - 2021-10-31 13:43 - 000034529 _____ C:\Users\Lucka\Downloads\Addition.txt
2021-10-31 13:40 - 2021-10-31 14:01 - 000027652 _____ C:\Users\Lucka\Downloads\FRST.txt
2021-10-31 13:40 - 2021-10-31 14:00 - 000000000 ____D C:\FRST
2021-10-31 13:39 - 2021-10-31 13:39 - 002310656 _____ (Farbar) C:\Users\Lucka\Downloads\FRST64.exe
2021-10-31 13:37 - 2021-10-31 13:38 - 000000000 ____D C:\AdwCleaner
2021-10-31 13:37 - 2021-10-31 13:37 - 008553680 _____ (Malwarebytes) C:\Users\Lucka\Downloads\adwcleaner_8.3.0.exe
2021-10-31 13:27 - 2021-10-31 13:27 - 007746848 _____ (EnigmaSoft Limited) C:\Users\Lucka\Downloads\SpyHunter-5.11-6-5285-Installer(1).exe
2021-10-31 13:21 - 2021-10-31 13:32 - 000422670 _____ C:\WINDOWS\ntbtlog.txt
2021-10-31 13:21 - 2021-10-31 13:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-10-31 13:01 - 2021-10-31 13:37 - 000000000 ____D C:\Program Files\CCleaner
2021-10-31 13:01 - 2021-10-31 13:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-31 13:01 - 2021-10-31 13:01 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Lucka
2021-10-31 13:01 - 2021-10-31 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-10-31 12:55 - 2021-10-31 12:56 - 036235064 _____ (Piriform Software Ltd) C:\Users\Lucka\Downloads\ccsetup586.exe
2021-10-31 12:48 - 2021-10-31 12:48 - 000000000 ____D C:\Users\Lucka\AppData\Local\mbam
2021-10-31 12:46 - 2021-10-31 12:46 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-31 12:45 - 2021-10-31 12:45 - 002101944 _____ (Malwarebytes) C:\Users\Lucka\Downloads\MBSetup-119967.119967-consumer.exe
2021-10-31 12:31 - 2021-10-31 12:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-10-31 12:30 - 2021-10-31 12:30 - 007746848 _____ (EnigmaSoft Limited) C:\Users\Lucka\Downloads\SpyHunter-5.11-6-5285-Installer.exe
2021-10-29 17:41 - 2021-10-31 13:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security with Backup
2021-10-21 15:00 - 2021-10-21 15:01 - 060394967 _____ C:\Users\Lucka\Downloads\20211021_153153.mp4
2021-10-19 06:59 - 2021-05-28 13:08 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-19 06:59 - 2021-05-28 13:08 - 001192736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-19 06:59 - 2021-05-28 13:08 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 001163552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000690456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-19 06:59 - 2021-05-28 13:05 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000556832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-19 06:59 - 2021-05-28 13:05 - 000546072 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-19 06:59 - 2021-05-28 13:04 - 000445232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-19 06:59 - 2021-05-28 13:03 - 008306480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-19 06:59 - 2021-05-28 13:03 - 007429904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-19 06:59 - 2021-05-28 13:03 - 004610328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-19 06:59 - 2021-05-28 13:03 - 002729752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-19 06:59 - 2021-05-28 13:02 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-19 06:59 - 2021-05-28 13:01 - 006076536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-19 06:59 - 2021-05-28 12:30 - 000084514 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-19 06:52 - 2021-10-27 16:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-18 18:18 - 2021-10-18 18:18 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-18 18:17 - 2021-10-18 18:17 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-18 18:17 - 2021-10-18 18:17 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-18 18:17 - 2021-10-18 18:17 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-18 18:17 - 2021-10-18 18:17 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-18 18:17 - 2021-10-18 18:17 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-18 18:17 - 2021-10-18 18:17 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-18 18:17 - 2021-10-18 18:17 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-18 18:17 - 2021-10-18 18:17 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-18 18:17 - 2021-10-18 18:17 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-18 18:17 - 2021-10-18 18:17 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-18 18:16 - 2021-10-18 18:16 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-18 18:16 - 2021-10-18 18:16 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-18 18:07 - 2021-10-18 18:07 - 000000000 ___HD C:\$WinREAgent
2021-10-18 17:57 - 2021-10-21 18:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-08 18:18 - 2021-10-29 17:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-10-08 18:18 - 2021-10-29 16:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-10-08 18:18 - 2021-10-08 18:18 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-31 13:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-31 13:42 - 2021-04-02 11:03 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-31 13:42 - 2021-04-02 11:00 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-10-31 13:42 - 2019-12-07 15:41 - 000684862 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-31 13:42 - 2019-12-07 15:41 - 000137626 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-31 13:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-31 13:40 - 2021-09-14 15:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Family
2021-10-31 13:38 - 2021-06-03 15:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-31 13:37 - 2021-07-19 19:01 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\discord
2021-10-31 13:37 - 2021-07-19 19:01 - 000000000 ____D C:\Users\Lucka\AppData\Local\Discord
2021-10-31 13:37 - 2020-10-25 16:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-31 13:36 - 2020-10-26 07:04 - 000000000 ___RD C:\Users\Lucka\OneDrive
2021-10-31 13:36 - 2020-10-25 16:18 - 000000000 ____D C:\Users\Lucka\AppData\LocalLow\Mozilla
2021-10-31 13:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-31 13:35 - 2021-04-02 11:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-31 13:35 - 2021-04-02 10:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-31 13:35 - 2020-10-26 07:01 - 000000000 __SHD C:\Users\Lucka\IntelGraphicsProfiles
2021-10-31 13:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-31 13:35 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-31 13:35 - 2019-11-22 01:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-31 13:23 - 2020-11-25 18:49 - 000000000 ____D C:\Users\Lucka\AppData\Local\ElevatedDiagnostics
2021-10-31 13:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-31 13:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-31 13:16 - 2019-12-07 10:03 - 000016384 _____ C:\WINDOWS\system32\config\ELAM
2021-10-31 12:31 - 2020-11-06 08:34 - 000000000 ____D C:\Program Files\Common Files\AV
2021-10-31 11:20 - 2021-03-23 14:19 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\.minecraft
2021-10-31 11:19 - 2021-03-23 14:21 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\.tlauncher
2021-10-31 10:46 - 2020-11-09 07:57 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-30 18:31 - 2021-04-02 10:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-29 16:27 - 2020-10-26 07:01 - 000000000 ____D C:\Users\Lucka\AppData\Local\Packages
2021-10-29 11:17 - 2021-04-02 11:00 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2626799547-1119966308-3382805429-1001
2021-10-29 11:17 - 2021-04-01 09:44 - 000002383 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-27 17:25 - 2021-04-01 09:44 - 000000000 ____D C:\Users\Lucka
2021-10-26 12:33 - 2019-11-22 00:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-25 13:42 - 2020-11-05 07:53 - 000000000 ____D C:\Users\Lucka\AppData\Local\CrashDumps
2021-10-22 11:21 - 2021-06-03 15:51 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-21 18:45 - 2020-10-25 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-21 08:16 - 2020-10-26 07:01 - 000000000 ____D C:\Users\Lucka\AppData\Local\ConnectedDevicesPlatform
2021-10-21 07:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-19 06:52 - 2020-10-25 16:18 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-18 19:49 - 2021-04-02 10:54 - 000436256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-18 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-18 18:07 - 2019-07-12 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-18 18:06 - 2020-10-25 15:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-18 17:48 - 2020-10-25 15:42 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-11 15:51 - 2020-10-25 15:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-09 17:59 - 2021-04-08 07:00 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d727a6c3263834
2021-10-09 17:59 - 2021-04-02 11:00 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-08 18:18 - 2020-10-26 16:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2021-10-01 15:15 - 2021-06-03 15:51 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 15:15 - 2021-06-03 15:51 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by Lucka (31-10-2021 14:01:53)
Running from C:\Users\Lucka\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1288 (X64) (2021-04-02 10:01:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2626799547-1119966308-3382805429-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2626799547-1119966308-3382805429-503 - Limited - Disabled)
Guest (S-1-5-21-2626799547-1119966308-3382805429-501 - Limited - Disabled)
Lucka (S-1-5-21-2626799547-1119966308-3382805429-1001 - Administrator - Enabled) => C:\Users\Lucka
WDAGUtilityAccount (S-1-5-21-2626799547-1119966308-3382805429-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.17.5 - ICEpower a/s)
CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform)
Discord (HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.48 - PandoraTV)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26405 (HKLM-x32\...\{5b295ba9-ef89-4aeb-8acc-b61adb0b9b5f}) (Version: 14.14.26405.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 93.0 (x64 cs)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0 - Mozilla)
Norton Family (HKLM-x32\...\NSM) (Version: 3.8.6.29 - NortonLifeLock Inc.)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.9.25 - NortonLifeLock Inc)
NVIDIA Ovladače grafiky 462.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.59 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)
Packages:
=========
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2021-10-30] (ICEpower)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-31] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-09-03] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2019-07-12] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy [2021-10-30] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
Music Maker Windows Store Edition -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MusicMakerWindowsStoreEdition_26.36.1.0_x86__awcgk3qbzve1y [2021-02-27] (MAGIX Software GmbH)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.25.0_x64__qmba6cd70vzyy [2021-10-29] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-30] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.8.204.0_x64__dt26b99r8h8gj [2021-08-09] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.500.373.0_x86__55nm5eh3cm0pr [2021-10-30] (ROBLOX Corporation)
SpongeBob: Krusty Cook-Off -> C:\Program Files\WindowsApps\TiltingPoint.SpongeBobKrustyCook-Off_1.26.234.0_x64__85kh3h6wfjavg [2021-07-18] (Tilting Point)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2140.12.0_x64__cv1g1gvanyjgm [2021-10-27] (WhatsApp Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2021-01-03] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\nvshext.dll [2021-05-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//asus17win10.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... TR&pc=ASTE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files\Norton Family\Engine\3.8.6.29\coIEPlg.dll [2021-07-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files\Norton Family\Engine32\3.8.6.29\coIEPlg.dll [2021-07-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKU\S-1-5-21-2626799547-1119966308-3382805429-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2626799547-1119966308-3382805429-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucka\Downloads\Snímek obrazovky 2021-05-13 172309.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FB1BD23F-CF34-4A18-997A-A8937E615F86}C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C716E17D-8652-4F69-B3DA-CC11CC339E22}C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lucka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EC09D84-53CB-479F-9028-25C8D968D536}] => (Allow) C:\HRY\ZOO TYCOON 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{107570A2-9EE4-4407-9E6E-02471C62C076}] => (Allow) C:\HRY\ZOO TYCOON 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{37696575-DC17-4869-A571-50977CE31175}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6D7D21D6-4C92-4C6A-9AA8-E14F2214F9A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1733919B-8986-4945-BD41-65DD0DD0DFC4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{F655B786-501B-4D9B-A53F-E1972EA9F8F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{642C2092-8E61-418B-BBAF-5BC1C5BEA856}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AACFE7E-BAC7-4209-99D8-BE7A2F2590A6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{63F4DFF9-633A-485B-9697-03B2636B3761}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48127876-CA36-44DF-9AAA-409CF1B78BFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A27FF16E-65BF-4141-8E2E-0EADB3693E5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{27FE9980-F4E0-44B4-8289-0867163A5A5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18CDCAFC-C98F-4A01-B995-5D8CCA893672}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4F5C023-D4CE-44BE-ACCF-E75CA9098E4B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{72DE2A40-1003-4433-BDC2-225B56C94DFF}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{B9A2166C-6A98-4A09-9319-1DBD1A6F96AA}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
18-10-2021 18:07:03 Instalační služba modulů systému Windows
21-10-2021 07:00:56 Instalační služba modulů systému Windows
28-10-2021 10:53:53 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/31/2021 01:47:19 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (10/31/2021 12:22:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.57, časové razítko: 0x6066105d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1288, časové razítko: 0xa280d1d6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff199
ID chybujícího procesu: 0x2b44
Čas spuštění chybující aplikace: 0x01d7ce496c55894c
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 06fb2694-7ab2-4310-835a-9a29ecf8726a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/31/2021 12:21:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.40 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2b9c
Čas spuštění: 01d7ce496e5e4d3b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\identity_helper.exe
ID hlášení: 7f6e35ca-42df-4b6c-a3d9-e8d4fa0cd580
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.38_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/30/2021 06:46:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.38 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 620
Čas spuštění: 01d7cdb6002f972c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.38\identity_helper.exe
ID hlášení: b04b6e05-31ec-442e-b8a7-03355aaa6612
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.30_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/25/2021 01:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Windows10Universal.exe, verze: 0.0.0.0, časové razítko: 0x0b0810b5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x82dc99a2
Kód výjimky: 0xc0000005
Posun chyby: 0x0005fc8e
ID chybujícího procesu: 0x2f0c
Čas spuštění chybující aplikace: 0x01d7c9925b85421f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr\Windows10Universal.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: de2f5cfe-57ef-402a-8f96-85befca29471
Úplný název chybujícího balíčku: ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr
ID aplikace související s chybujícím balíčkem: App
Error: (10/24/2021 08:58:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.30 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 29c8
Čas spuštění: 01d7c8ace381af9e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.30\identity_helper.exe
ID hlášení: 76627f4c-6909-4150-84a7-9ef9484efc3b
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_94.0.992.50_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/22/2021 11:53:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.721.9022.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1dac
Čas spuštění: 01d7c7319bd88974
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
ID hlášení: c1391b62-1656-4778-9885-65248e65bb07
Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Navigation
Error: (10/22/2021 07:58:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Windows10Universal.exe, verze: 0.0.0.0, časové razítko: 0x0b0810b5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x82dc99a2
Kód výjimky: 0xc0000005
Posun chyby: 0x0005fc8e
ID chybujícího procesu: 0xdac
Čas spuštění chybující aplikace: 0x01d7c710f03bf974
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr\Windows10Universal.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 367327eb-ac85-4143-84c7-a200f5b2ad6f
Úplný název chybujícího balíčku: ROBLOXCORPORATION.ROBLOX_2.499.381.0_x86__55nm5eh3cm0pr
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (10/31/2021 01:35:27 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (10/31/2021 01:35:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (10/31/2021 01:33:26 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (10/31/2021 01:33:17 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby LicenseManager s argumenty Není k dispozici za účelem spuštění serveru:
{22F5B1DF-7D7A-4D21-97F8-C21AEFBA859C}
Error: (10/31/2021 01:33:14 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (10/31/2021 01:33:10 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (10/31/2021 01:33:10 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (10/31/2021 01:33:10 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-B2CDN2AA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
CodeIntegrity:
===============
Date: 2021-10-31 13:47:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.9.25\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-10-31 13:47:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.9.25\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X509UB.303 01/10/2020
Motherboard: ASUSTeK COMPUTER INC. X509UB
Processor: Intel(R) Core(TM) i3-7020U CPU @ 2.30GHz
Percentage of memory in use: 63%
Total physical RAM: 8074.01 MB
Available physical RAM: 2911.82 MB
Total Virtual: 15498.01 MB
Available Virtual: 8958.92 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:476.03 GB) (Free:364.62 GB) NTFS
\\?\Volume{0416bb98-0a94-4073-9874-6a3678a6d6a5}\ (RECOVERY) (Fixed) (Total:0.63 GB) (Free:0.16 GB) NTFS
\\?\Volume{dc4866a8-d3ee-4bf1-a953-2bffa1387d76}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: E05B109B)
Partition: GPT.
==================== End of Addition.txt =======================
Každopádně díky za pomoc!