Falešné okno McAfee při webovém prohlížení
Napsal: 11 pro 2021 11:34
Dobrý den,
mohu poprosit o analýzu následujících logů? Občas se zobrazí falešné okno McAfee (viz screenshot). Po kliknutí na okno jsem přesměrován na
https://protectnscan.com/norton-safe-br ... nxi-424e7d
Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Ran by Jarda (administrator) on LAPTOP-37CD8RAU (HP HP 255 G6 Notebook PC) (11-12-2021 11:14:14)
Running from C:\Users\HP\Downloads
Loaded Profiles: Jarda & Marie
Platform: Microsoft Windows 10 Home Version 1909 18363.1556 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Program Files\ProcessExplorer\procexp.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\HP\AppData\Local\Temp\procexp64.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DTUHandler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\...\Run: [MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03C3D222-61A0-4EA6-A165-745C313514D7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
Task: {0755E117-5D1A-49C5-999A-D81F7E7C223E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {07E37FB5-8C6A-4844-ABFB-7146BD69B5D3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {1079B16C-ABCC-4034-B054-9A3719BDA463} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1D2FEC74-6417-4417-A198-1E729881E436} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
Task: {1D9CFA6D-C728-4D4D-B89A-31C1DF45D13C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-11-29] (HP Inc. -> HP Inc.)
Task: {4816CE4D-534F-4681-8431-30437A4DFD01} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-242109460-1041420098-1020208062-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {4C562E99-8B2E-4669-820E-3E8F270CF225} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1170832 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {51D342CE-1035-4E61-9F93-2CB157EE447E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2018-01-30] (Google Inc -> Google Inc.)
Task: {5A968164-8FBB-4903-B8F2-A6C249356DC2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {6326C052-B919-4E1B-BD44-21AB52B457E5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {634D0CD0-EC33-4805-999C-22758DEEE18A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-30] (Dropbox, Inc -> DropboxOEM)
Task: {76F66B26-D546-41B2-AF05-E241FABAA1E4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7D40D6DD-0D30-43FC-A5C0-31E9278AB8DB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-12-11] (Avast Software s.r.o. -> Avast Software)
Task: {7DE378EA-614C-4A30-8069-C79506C2285E} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {84383832-5E7F-4395-9947-FDACA41A6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {912528FA-4FFF-4E03-8C92-112E353F5F58} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93A88312-0F8A-429F-9184-C5AAC4D87493} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {960DE844-3753-439F-A95B-CB19B4D805DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2018-01-30] (Google Inc -> Google Inc.)
Task: {AC02F4CF-7EED-4399-9780-16C8A7D8FEB8} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B035BE67-CF9C-488D-B0E1-84F935431244} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C11523D0-048B-408F-8A1B-05307A81B31E} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{728f1cb3-8a90-42d1-8bbb-5ac148a370e6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b078baee-9280-4199-813f-be8140ac648d}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-11]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-12-11]
CHR Notifications: Default -> hxxps://captcharesolverhere.top; hxxps://wizzair.esky.cz; hxxps://www.esky.cz; hxxps://www.nev-dama.cz
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-30]
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-30]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-25]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-30]
CHR Extension: (Tabulky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-28]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-25]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-22]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-03-19] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [550400 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [755736 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [754200 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [751128 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [754712 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222128 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368152 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [185216 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538992 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852752 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [544096 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317680 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [771584 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-11 11:14 - 2021-12-11 11:15 - 000022062 _____ C:\Users\HP\Downloads\FRST.txt
2021-12-11 11:13 - 2021-12-11 11:14 - 000000000 ____D C:\FRST
2021-12-11 11:13 - 2021-12-11 11:13 - 002311168 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2021-12-11 10:45 - 2021-12-11 10:45 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-12-11 10:45 - 2021-12-11 10:45 - 000000000 ____D C:\Program Files\ProcessExplorer
2021-12-11 10:43 - 2021-12-11 10:43 - 000000000 ____D C:\Users\HP\AppData\Local\GHISLER
2021-12-11 10:42 - 2021-12-11 10:43 - 000000000 ____D C:\Program Files\totalcmd
2021-12-11 10:42 - 2021-12-11 10:42 - 008717720 _____ (Ghisler Software GmbH) C:\Users\HP\Downloads\tcmd1000x32_64.exe
2021-12-11 10:42 - 2021-12-11 10:42 - 000000900 _____ C:\Users\HP\Desktop\Total Commander 64 bit.lnk
2021-12-11 10:42 - 2021-12-11 10:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-12-11 10:42 - 2021-12-11 10:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\GHISLER
2021-12-11 10:38 - 2021-12-11 10:47 - 000000000 ____D C:\Users\HP\AppData\Local\Avast Software
2021-12-11 10:38 - 2021-12-11 10:38 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-12-11 10:38 - 2021-12-11 10:38 - 000002155 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-12-11 10:38 - 2021-12-11 10:38 - 000000000 ____D C:\Users\HP\AppData\Roaming\Avast Software
2021-12-11 10:38 - 2021-12-11 10:38 - 000000000 ____D C:\Users\HP\AppData\Local\CEF
2021-12-11 10:36 - 2021-12-11 10:36 - 000852752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000544096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000538992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000368152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-11 10:36 - 2021-12-11 10:36 - 000317680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000222128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000214352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000185216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-11 10:36 - 2021-12-11 10:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-12-11 10:36 - 2021-12-11 10:36 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-12-11 10:35 - 2021-12-11 10:35 - 000000000 ____D C:\Program Files\Avast Software
2021-12-11 10:34 - 2021-12-11 10:51 - 000000000 ____D C:\ProgramData\Avast Software
2021-12-11 10:34 - 2021-12-11 10:34 - 000234280 _____ (AVAST Software) C:\Users\HP\Downloads\avast_free_antivirus_setup_online.exe
2021-12-08 17:35 - 2021-12-08 17:35 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair (2).exe
2021-12-08 17:34 - 2021-12-08 17:34 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair.exe
2021-12-08 17:34 - 2021-12-08 17:34 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair (1).exe
2021-12-06 13:01 - 2021-12-06 13:01 - 000001170 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-11 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-11 10:55 - 2018-01-30 13:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-11 10:37 - 2019-08-12 21:43 - 001842268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-11 10:37 - 2019-03-19 12:55 - 000752292 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-11 10:37 - 2019-03-19 12:55 - 000162732 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-11 10:37 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-12-11 10:36 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-11 10:35 - 2020-11-06 19:49 - 000000000 ___HD C:\$WINDOWS.~BT
2021-12-11 10:34 - 2019-07-29 09:09 - 000000000 ___DC C:\WINDOWS\Panther
2021-12-11 10:30 - 2019-08-12 21:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-11 10:29 - 2019-03-19 05:37 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-12-11 10:29 - 2017-11-07 11:29 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-12-11 08:47 - 2020-06-04 19:42 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:47 - 2020-06-04 19:42 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-10 21:02 - 2019-08-12 21:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-10 18:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-10 18:24 - 2017-05-18 09:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-09 17:24 - 2019-08-12 21:45 - 000494157 _____ C:\WINDOWS\diagwrn.xml
2021-12-09 17:24 - 2019-08-12 21:45 - 000493398 _____ C:\WINDOWS\diagerr.xml
2021-12-09 16:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2021-12-09 10:21 - 2019-11-05 22:19 - 000000000 ____D C:\Users\Marie\AppData\Local\HP_Inc
2021-12-08 13:00 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-08 12:58 - 2019-08-12 21:29 - 000581712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-08 09:55 - 2019-08-12 21:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-12-08 01:25 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files\HP
2021-12-08 01:09 - 2018-03-02 10:28 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2021-12-08 00:56 - 2018-01-30 13:02 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-08 00:56 - 2018-01-30 13:02 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-08 00:50 - 2019-08-12 21:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242109460-1041420098-1020208062-1002
2021-12-08 00:50 - 2019-08-12 21:35 - 000002384 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-07 15:42 - 2018-01-31 09:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-07 15:38 - 2018-01-31 09:10 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-07 12:21 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-07 12:17 - 2019-12-11 15:30 - 000000000 ____D C:\Users\HP\AppData\Local\HP_Inc
2021-12-07 11:50 - 2019-08-12 21:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242109460-1041420098-1020208062-1001
2021-12-07 11:50 - 2019-08-12 21:35 - 000002375 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 13:01 - 2019-12-15 12:59 - 000000000 ____D C:\Users\HP\AppData\Local\HP
2021-12-06 13:01 - 2018-03-17 21:50 - 000000000 ____D C:\Users\Marie\AppData\Local\HP
2021-12-06 13:01 - 2018-03-02 10:28 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2021-12-06 13:01 - 2018-02-28 23:46 - 000000000 ____D C:\Users\Marie\AppData\Local\Hewlett-Packard
2021-12-06 13:01 - 2018-01-31 19:53 - 000000000 ____D C:\Users\HP\AppData\Local\Hewlett-Packard
2021-12-06 13:01 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files (x86)\HP
2021-12-06 13:00 - 2017-05-18 09:09 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-12-06 12:59 - 2018-01-31 19:53 - 000000000 ____D C:\Users\HP\AppData\Roaming\hpqLog
2021-12-06 12:59 - 2017-05-18 09:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-12-06 12:59 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-12-06 12:58 - 2017-05-18 09:09 - 000000000 ____D C:\ProgramData\HP
2021-12-06 12:57 - 2017-05-18 17:43 - 000000000 ____D C:\SWSetup
2021-12-06 12:54 - 2020-06-04 19:43 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-06 12:54 - 2020-06-04 19:43 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-02 22:12 - 2017-05-18 09:15 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-12-02 22:12 - 2017-05-18 09:15 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-12-02 18:44 - 2019-08-12 21:46 - 000003906 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-12-02 18:44 - 2019-08-12 21:46 - 000003674 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-12-02 18:31 - 2018-06-06 19:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by Jarda (11-12-2021 11:17:42)
Running from C:\Users\HP\Downloads
Microsoft Windows 10 Home Version 1909 18363.1556 (X64) (2019-08-12 20:46:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-242109460-1041420098-1020208062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-242109460-1041420098-1020208062-503 - Limited - Disabled)
Guest (S-1-5-21-242109460-1041420098-1020208062-501 - Limited - Disabled)
Jarda (S-1-5-21-242109460-1041420098-1020208062-1001 - Administrator - Enabled) => C:\Users\HP
Marie (S-1-5-21-242109460-1041420098-1020208062-1002 - Administrator - Enabled) => C:\Users\Marie
WDAGUtilityAccount (S-1-5-21-242109460-1041420098-1020208062-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0319.1455.26818 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.10.2498 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{83D9E6C0-5F20-49B4-9ACF-80A24A1A045D}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{520F0634-40C0-453F-8C84-4EFAE89989A8}) (Version: 19.60.0 - Intel Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14701.20226 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242109460-1041420098-1020208062-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242109460-1041420098-1020208062-1002\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{8A6AB459-CB4B-4D09-8C1E-337FB59135C4}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{933F6AB3-06F2-4656-B18A-6B92CBCB405F}) (Version: 11804.13 - STORMWARE)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-22] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.12.41.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.207.400.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-11-07] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.11.106.0_x64__v10z8vjag6ke6 [2021-12-08] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_6.0.13.0_x86__h6adky7gbf63m [2021-12-08] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.102.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-01-30] (Plex)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-04-11] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-19] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2016-09-13 01:50 - 2016-09-13 01:50 - 000011776 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 002013696 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-10-20 09:00 - 2021-10-20 09:00 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\037ea9773cc7c33153b90df1f4968701\BRIDGECommon.ni.dll
2021-10-20 09:04 - 2021-10-20 09:04 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b4af5e8a01af8515a3c54ee381bc045b\BridgeExtension.ni.dll
2021-10-20 09:05 - 2021-10-20 09:05 - 000348160 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\6bf1fb5ac6d0ffa56e80353a1f2843e8\CleanStartController.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\ecef5c0b3dc7256c00a55105e31c2f9d\Interop.IWshRuntimeLibrary.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\3a5f06eb06365c79d2bd2d6affe834a1\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-10-20 09:04 - 2021-10-20 09:04 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\f825637369f1038a6c6634780f2686f3\CommonPortable.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\a2750cd7173f9090afc4a460dccc2368\NAudio.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\79ca89ce45d6574b07b31c48a06103cd\Newtonsoft.Json.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\3ec6a75f00b391c4fa6eb9562fbdfc9a\log4net.ni.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005496320 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005804544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000912384 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 001061376 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 003187712 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 002924544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000310784 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005444608 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000277504 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000193024 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1001 -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2021-11-29] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2021-11-29] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5DA44F63-15DB-4739-B23B-02541616CA5B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{D3A1463D-AADC-4EB3-8C16-206C710E9B2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F26EF40B-08E7-42B0-811D-E1C92A56B7D0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{916B94D0-DC6B-42B4-AB8C-2FB9C33D0396}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{2774D2A3-FA97-4F17-A714-283EC7903E9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{785DF6FA-02AC-4133-A4E6-485548349C33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{438E16C7-0035-466A-A8CE-4D709CBE4308}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2D88D32-9880-4F67-9FE3-8B49878C7965}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F2279AC-8443-40B5-A3EA-8B112BD0BF64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{000CA22E-C16D-4EFA-8535-33CF6B09DF93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F10D266-5652-4669-90FF-16FD6D5992D0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1544221-2BB2-42A6-90D6-0A6A736048EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E3BE6918-8B1B-4AC1-9F7B-6D1ED6A90974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF21A7F5-89AF-4E29-8E46-DFF8D210F55A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E598776-1C01-4189-9B3F-1E88E351E744}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BA1A799-7DB2-4897-8B77-9EE420C007FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C17F77B5-1F58-492B-9B8D-FC6B0FA92D9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F631593-D177-4F14-955E-46DE815339FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{975440E3-B803-43E0-BB4C-C52C591853E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA83BE8D-0BC4-4DBD-AC85-C1913F35B3DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1645F377-4867-4605-9A88-994189DFAD4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5741F9C9-68FC-41C7-8593-6FFBCB601CB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49F1C28C-F5AE-4DC5-BB52-317485A31BC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB417F73-735B-428B-9F11-5881B53BC62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5230F88-B231-4098-ACC5-2AADDA1471FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{35A125B5-754D-4B90-823B-17F8CC64A240}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
20-10-2021 07:15:40 Windows Update
07-12-2021 15:37:36 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/11/2021 10:36:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2836,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/11/2021 10:22:05 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/11/2021 10:12:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DropboxOEM.exe, verze: 4.1.2.0, časové razítko: 0x583f770e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.1474, časové razítko: 0xf0a6699c
Kód výjimky: 0xe0434352
Posun chyby: 0x001146d2
ID chybujícího procesu: 0x2960
Čas spuštění chybující aplikace: 0x01d7ee6f228c5de5
Cesta k chybující aplikaci: C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e1c10e18-dd1e-4693-a6f9-f74d87a5a777
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/11/2021 10:12:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DropboxOEM.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Xml.XmlException
na System.Xml.XmlTextReaderImpl.Throw(System.Exception)
na System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[])
na System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef)
na System.Xml.XmlTextReaderImpl.ParseText()
na System.Xml.XmlTextReaderImpl.ParseElementContent()
na System.Xml.XmlTextReaderImpl.Read()
na System.Xml.XmlTextReader.Read()
na System.Xml.XmlTextReaderImpl.Skip()
na System.Xml.XmlTextReader.Skip()
na System.Configuration.XmlUtil.StrictSkipToNextElement(System.Configuration.ExceptionAction)
na System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean)
na System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean)
na System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil)
na System.Configuration.BaseConfigurationRecord.InitConfigFromFile()
Informace o výjimce: System.Configuration.ConfigurationErrorsException
na System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean)
na System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors)
na System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors()
na System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs)
Informace o výjimce: System.Configuration.ConfigurationErrorsException
na System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs)
na System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs)
na System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord)
na System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
na System.Configuration.BaseConfigurationRecord.GetSection(System.String)
na System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
na System.Configuration.ConfigurationManager.GetSection(System.String)
na System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
na System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
na System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
na System.Configuration.SettingsBase.GetPropertyValueByName(System.String)
na System.Configuration.SettingsBase.get_Item(System.String)
na System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String)
na System.Configuration.ApplicationSettingsBase.get_Item(System.String)
na DropboxOEM.Properties.Settings.get_ForegroundProcessPriority()
na DropboxOEM.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na DropboxOEM.App.Main()
Error: (12/11/2021 08:06:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3512,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 10:12:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 09:21:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 09:08:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10264,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/11/2021 11:02:37 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:35:34 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:16:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:16:43 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:11:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/11/2021 10:11:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (12/11/2021 07:58:57 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 07:58:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-12-09 12:47:58.683
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BC999D4E-0424-4862-A3E8-EFD3E810A77E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-12-02 18:30:46.187
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3040F63C-B9DC-4F87-8638-B5EFC7274FF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2021-10-20 08:25:26.983
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ED7EF405-BC73-4851-BCA8-9A9C49A677B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-22 12:22:13.087
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {963FCF0A-224E-4C02-A332-592EF6D6297B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-06 18:42:39.341
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {482BCF45-7C29-41CA-8EF8-D44C4D0D2885}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-12-06 12:53:11.310
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:53:11.308
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:53:11.306
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:52:01.926
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2023.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2021-12-02 18:28:55.157
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.1967.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
==================== Memory info ===========================
BIOS: Insyde F.13 09/07/2017
Motherboard: HP 8330
Processor: AMD A6-9220 RADEON R4, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 88%
Total physical RAM: 3981.68 MB
Available physical RAM: 452.61 MB
Total Virtual: 5753.25 MB
Available Virtual: 1054.11 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.85 GB) (Free:87.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.39 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{bb21006b-e1c2-46cc-af9b-f04b5d99354e}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{49195bd8-992a-42c8-8f2f-6bbdb9d91f04}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FB04E0DD)
Partition: GPT.
==================== End of Addition.txt =======================
mohu poprosit o analýzu následujících logů? Občas se zobrazí falešné okno McAfee (viz screenshot). Po kliknutí na okno jsem přesměrován na
https://protectnscan.com/norton-safe-br ... nxi-424e7d
Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Ran by Jarda (administrator) on LAPTOP-37CD8RAU (HP HP 255 G6 Notebook PC) (11-12-2021 11:14:14)
Running from C:\Users\HP\Downloads
Loaded Profiles: Jarda & Marie
Platform: Microsoft Windows 10 Home Version 1909 18363.1556 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Program Files\ProcessExplorer\procexp.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\HP\AppData\Local\Temp\procexp64.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DTUHandler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\...\Run: [MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03C3D222-61A0-4EA6-A165-745C313514D7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
Task: {0755E117-5D1A-49C5-999A-D81F7E7C223E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {07E37FB5-8C6A-4844-ABFB-7146BD69B5D3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {1079B16C-ABCC-4034-B054-9A3719BDA463} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1D2FEC74-6417-4417-A198-1E729881E436} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
Task: {1D9CFA6D-C728-4D4D-B89A-31C1DF45D13C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-11-29] (HP Inc. -> HP Inc.)
Task: {4816CE4D-534F-4681-8431-30437A4DFD01} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-242109460-1041420098-1020208062-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {4C562E99-8B2E-4669-820E-3E8F270CF225} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1170832 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {51D342CE-1035-4E61-9F93-2CB157EE447E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2018-01-30] (Google Inc -> Google Inc.)
Task: {5A968164-8FBB-4903-B8F2-A6C249356DC2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {6326C052-B919-4E1B-BD44-21AB52B457E5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {634D0CD0-EC33-4805-999C-22758DEEE18A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-30] (Dropbox, Inc -> DropboxOEM)
Task: {76F66B26-D546-41B2-AF05-E241FABAA1E4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7D40D6DD-0D30-43FC-A5C0-31E9278AB8DB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-12-11] (Avast Software s.r.o. -> Avast Software)
Task: {7DE378EA-614C-4A30-8069-C79506C2285E} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {84383832-5E7F-4395-9947-FDACA41A6429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {912528FA-4FFF-4E03-8C92-112E353F5F58} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93A88312-0F8A-429F-9184-C5AAC4D87493} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {960DE844-3753-439F-A95B-CB19B4D805DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2018-01-30] (Google Inc -> Google Inc.)
Task: {AC02F4CF-7EED-4399-9780-16C8A7D8FEB8} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B035BE67-CF9C-488D-B0E1-84F935431244} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C11523D0-048B-408F-8A1B-05307A81B31E} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{728f1cb3-8a90-42d1-8bbb-5ac148a370e6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b078baee-9280-4199-813f-be8140ac648d}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-11]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-12-11]
CHR Notifications: Default -> hxxps://captcharesolverhere.top; hxxps://wizzair.esky.cz; hxxps://www.esky.cz; hxxps://www.nev-dama.cz
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-30]
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-30]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-25]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-30]
CHR Extension: (Tabulky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-28]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-25]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-22]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-03-19] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [550400 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [755736 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [754200 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [751128 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [754712 2021-11-29] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222128 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368152 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [185216 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538992 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852752 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [544096 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214352 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317680 2021-12-11] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [771584 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [6656 2021-07-26] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-11 11:14 - 2021-12-11 11:15 - 000022062 _____ C:\Users\HP\Downloads\FRST.txt
2021-12-11 11:13 - 2021-12-11 11:14 - 000000000 ____D C:\FRST
2021-12-11 11:13 - 2021-12-11 11:13 - 002311168 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2021-12-11 10:45 - 2021-12-11 10:45 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-12-11 10:45 - 2021-12-11 10:45 - 000000000 ____D C:\Program Files\ProcessExplorer
2021-12-11 10:43 - 2021-12-11 10:43 - 000000000 ____D C:\Users\HP\AppData\Local\GHISLER
2021-12-11 10:42 - 2021-12-11 10:43 - 000000000 ____D C:\Program Files\totalcmd
2021-12-11 10:42 - 2021-12-11 10:42 - 008717720 _____ (Ghisler Software GmbH) C:\Users\HP\Downloads\tcmd1000x32_64.exe
2021-12-11 10:42 - 2021-12-11 10:42 - 000000900 _____ C:\Users\HP\Desktop\Total Commander 64 bit.lnk
2021-12-11 10:42 - 2021-12-11 10:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-12-11 10:42 - 2021-12-11 10:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\GHISLER
2021-12-11 10:38 - 2021-12-11 10:47 - 000000000 ____D C:\Users\HP\AppData\Local\Avast Software
2021-12-11 10:38 - 2021-12-11 10:38 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-12-11 10:38 - 2021-12-11 10:38 - 000002155 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-12-11 10:38 - 2021-12-11 10:38 - 000000000 ____D C:\Users\HP\AppData\Roaming\Avast Software
2021-12-11 10:38 - 2021-12-11 10:38 - 000000000 ____D C:\Users\HP\AppData\Local\CEF
2021-12-11 10:36 - 2021-12-11 10:36 - 000852752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000544096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000538992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000368152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-11 10:36 - 2021-12-11 10:36 - 000317680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000222128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000214352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000185216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-12-11 10:36 - 2021-12-11 10:36 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-11 10:36 - 2021-12-11 10:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-12-11 10:36 - 2021-12-11 10:36 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-12-11 10:35 - 2021-12-11 10:35 - 000000000 ____D C:\Program Files\Avast Software
2021-12-11 10:34 - 2021-12-11 10:51 - 000000000 ____D C:\ProgramData\Avast Software
2021-12-11 10:34 - 2021-12-11 10:34 - 000234280 _____ (AVAST Software) C:\Users\HP\Downloads\avast_free_antivirus_setup_online.exe
2021-12-08 17:35 - 2021-12-08 17:35 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair (2).exe
2021-12-08 17:34 - 2021-12-08 17:34 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair.exe
2021-12-08 17:34 - 2021-12-08 17:34 - 000586224 _____ (Reimage) C:\Users\HP\Downloads\ReimageRepair (1).exe
2021-12-06 13:01 - 2021-12-06 13:01 - 000001170 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-11 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-11 10:55 - 2018-01-30 13:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-11 10:37 - 2019-08-12 21:43 - 001842268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-11 10:37 - 2019-03-19 12:55 - 000752292 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-11 10:37 - 2019-03-19 12:55 - 000162732 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-11 10:37 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-12-11 10:36 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-11 10:35 - 2020-11-06 19:49 - 000000000 ___HD C:\$WINDOWS.~BT
2021-12-11 10:34 - 2019-07-29 09:09 - 000000000 ___DC C:\WINDOWS\Panther
2021-12-11 10:30 - 2019-08-12 21:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-11 10:29 - 2019-03-19 05:37 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-12-11 10:29 - 2017-11-07 11:29 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-12-11 08:47 - 2020-06-04 19:42 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:47 - 2020-06-04 19:42 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-10 21:02 - 2019-08-12 21:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-10 18:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-10 18:24 - 2017-05-18 09:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-09 17:24 - 2019-08-12 21:45 - 000494157 _____ C:\WINDOWS\diagwrn.xml
2021-12-09 17:24 - 2019-08-12 21:45 - 000493398 _____ C:\WINDOWS\diagerr.xml
2021-12-09 16:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2021-12-09 10:21 - 2019-11-05 22:19 - 000000000 ____D C:\Users\Marie\AppData\Local\HP_Inc
2021-12-08 13:00 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-08 12:58 - 2019-08-12 21:29 - 000581712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-08 09:55 - 2019-08-12 21:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-12-08 01:25 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files\HP
2021-12-08 01:09 - 2018-03-02 10:28 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2021-12-08 00:56 - 2018-01-30 13:02 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-08 00:56 - 2018-01-30 13:02 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-08 00:50 - 2019-08-12 21:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242109460-1041420098-1020208062-1002
2021-12-08 00:50 - 2019-08-12 21:35 - 000002384 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-07 15:42 - 2018-01-31 09:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-07 15:38 - 2018-01-31 09:10 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-07 12:21 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-07 12:17 - 2019-12-11 15:30 - 000000000 ____D C:\Users\HP\AppData\Local\HP_Inc
2021-12-07 11:50 - 2019-08-12 21:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242109460-1041420098-1020208062-1001
2021-12-07 11:50 - 2019-08-12 21:35 - 000002375 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 13:01 - 2019-12-15 12:59 - 000000000 ____D C:\Users\HP\AppData\Local\HP
2021-12-06 13:01 - 2018-03-17 21:50 - 000000000 ____D C:\Users\Marie\AppData\Local\HP
2021-12-06 13:01 - 2018-03-02 10:28 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2021-12-06 13:01 - 2018-02-28 23:46 - 000000000 ____D C:\Users\Marie\AppData\Local\Hewlett-Packard
2021-12-06 13:01 - 2018-01-31 19:53 - 000000000 ____D C:\Users\HP\AppData\Local\Hewlett-Packard
2021-12-06 13:01 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files (x86)\HP
2021-12-06 13:00 - 2017-05-18 09:09 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-12-06 12:59 - 2018-01-31 19:53 - 000000000 ____D C:\Users\HP\AppData\Roaming\hpqLog
2021-12-06 12:59 - 2017-05-18 09:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-12-06 12:59 - 2017-05-18 09:08 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-12-06 12:58 - 2017-05-18 09:09 - 000000000 ____D C:\ProgramData\HP
2021-12-06 12:57 - 2017-05-18 17:43 - 000000000 ____D C:\SWSetup
2021-12-06 12:54 - 2020-06-04 19:43 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-06 12:54 - 2020-06-04 19:43 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-02 22:12 - 2017-05-18 09:15 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-12-02 22:12 - 2017-05-18 09:15 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-12-02 18:44 - 2019-08-12 21:46 - 000003906 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-12-02 18:44 - 2019-08-12 21:46 - 000003674 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-12-02 18:31 - 2018-06-06 19:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by Jarda (11-12-2021 11:17:42)
Running from C:\Users\HP\Downloads
Microsoft Windows 10 Home Version 1909 18363.1556 (X64) (2019-08-12 20:46:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-242109460-1041420098-1020208062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-242109460-1041420098-1020208062-503 - Limited - Disabled)
Guest (S-1-5-21-242109460-1041420098-1020208062-501 - Limited - Disabled)
Jarda (S-1-5-21-242109460-1041420098-1020208062-1001 - Administrator - Enabled) => C:\Users\HP
Marie (S-1-5-21-242109460-1041420098-1020208062-1002 - Administrator - Enabled) => C:\Users\Marie
WDAGUtilityAccount (S-1-5-21-242109460-1041420098-1020208062-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0319.1455.26818 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.10.2498 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{83D9E6C0-5F20-49B4-9ACF-80A24A1A045D}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{520F0634-40C0-453F-8C84-4EFAE89989A8}) (Version: 19.60.0 - Intel Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14701.20226 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242109460-1041420098-1020208062-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242109460-1041420098-1020208062-1002\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{8A6AB459-CB4B-4D09-8C1E-337FB59135C4}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{933F6AB3-06F2-4656-B18A-6B92CBCB405F}) (Version: 11804.13 - STORMWARE)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-22] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.12.41.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.207.400.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-11-07] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.11.106.0_x64__v10z8vjag6ke6 [2021-12-08] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_6.0.13.0_x86__h6adky7gbf63m [2021-12-08] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.102.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-01-30] (Plex)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-04-11] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-19] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2016-09-13 01:50 - 2016-09-13 01:50 - 000011776 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 002013696 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-10-20 09:00 - 2021-10-20 09:00 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\037ea9773cc7c33153b90df1f4968701\BRIDGECommon.ni.dll
2021-10-20 09:04 - 2021-10-20 09:04 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b4af5e8a01af8515a3c54ee381bc045b\BridgeExtension.ni.dll
2021-10-20 09:05 - 2021-10-20 09:05 - 000348160 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\6bf1fb5ac6d0ffa56e80353a1f2843e8\CleanStartController.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\ecef5c0b3dc7256c00a55105e31c2f9d\Interop.IWshRuntimeLibrary.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\3a5f06eb06365c79d2bd2d6affe834a1\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-10-20 09:04 - 2021-10-20 09:04 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\f825637369f1038a6c6634780f2686f3\CommonPortable.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\a2750cd7173f9090afc4a460dccc2368\NAudio.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\79ca89ce45d6574b07b31c48a06103cd\Newtonsoft.Json.ni.dll
2021-10-20 09:06 - 2021-10-20 09:06 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\3ec6a75f00b391c4fa6eb9562fbdfc9a\log4net.ni.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005496320 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005804544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000912384 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 001061376 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 003187712 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 002924544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000310784 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 005444608 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000277504 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 000193024 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1001 -> {932C0537-6624-434A-BD65-B31AE12B5243} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-242109460-1041420098-1020208062-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2021-11-29] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2021-11-29] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242109460-1041420098-1020208062-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-242109460-1041420098-1020208062-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5DA44F63-15DB-4739-B23B-02541616CA5B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{D3A1463D-AADC-4EB3-8C16-206C710E9B2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F26EF40B-08E7-42B0-811D-E1C92A56B7D0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{916B94D0-DC6B-42B4-AB8C-2FB9C33D0396}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{2774D2A3-FA97-4F17-A714-283EC7903E9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{785DF6FA-02AC-4133-A4E6-485548349C33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{438E16C7-0035-466A-A8CE-4D709CBE4308}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2D88D32-9880-4F67-9FE3-8B49878C7965}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F2279AC-8443-40B5-A3EA-8B112BD0BF64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{000CA22E-C16D-4EFA-8535-33CF6B09DF93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F10D266-5652-4669-90FF-16FD6D5992D0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1544221-2BB2-42A6-90D6-0A6A736048EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E3BE6918-8B1B-4AC1-9F7B-6D1ED6A90974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF21A7F5-89AF-4E29-8E46-DFF8D210F55A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E598776-1C01-4189-9B3F-1E88E351E744}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BA1A799-7DB2-4897-8B77-9EE420C007FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C17F77B5-1F58-492B-9B8D-FC6B0FA92D9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F631593-D177-4F14-955E-46DE815339FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{975440E3-B803-43E0-BB4C-C52C591853E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA83BE8D-0BC4-4DBD-AC85-C1913F35B3DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1645F377-4867-4605-9A88-994189DFAD4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5741F9C9-68FC-41C7-8593-6FFBCB601CB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49F1C28C-F5AE-4DC5-BB52-317485A31BC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB417F73-735B-428B-9F11-5881B53BC62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5230F88-B231-4098-ACC5-2AADDA1471FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{35A125B5-754D-4B90-823B-17F8CC64A240}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
20-10-2021 07:15:40 Windows Update
07-12-2021 15:37:36 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/11/2021 10:36:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2836,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/11/2021 10:22:05 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/11/2021 10:12:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DropboxOEM.exe, verze: 4.1.2.0, časové razítko: 0x583f770e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.1474, časové razítko: 0xf0a6699c
Kód výjimky: 0xe0434352
Posun chyby: 0x001146d2
ID chybujícího procesu: 0x2960
Čas spuštění chybující aplikace: 0x01d7ee6f228c5de5
Cesta k chybující aplikaci: C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e1c10e18-dd1e-4693-a6f9-f74d87a5a777
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/11/2021 10:12:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DropboxOEM.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Xml.XmlException
na System.Xml.XmlTextReaderImpl.Throw(System.Exception)
na System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[])
na System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef)
na System.Xml.XmlTextReaderImpl.ParseText()
na System.Xml.XmlTextReaderImpl.ParseElementContent()
na System.Xml.XmlTextReaderImpl.Read()
na System.Xml.XmlTextReader.Read()
na System.Xml.XmlTextReaderImpl.Skip()
na System.Xml.XmlTextReader.Skip()
na System.Configuration.XmlUtil.StrictSkipToNextElement(System.Configuration.ExceptionAction)
na System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean)
na System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean)
na System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil)
na System.Configuration.BaseConfigurationRecord.InitConfigFromFile()
Informace o výjimce: System.Configuration.ConfigurationErrorsException
na System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean)
na System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors)
na System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors()
na System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs)
Informace o výjimce: System.Configuration.ConfigurationErrorsException
na System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs)
na System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs)
na System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord)
na System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
na System.Configuration.BaseConfigurationRecord.GetSection(System.String)
na System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
na System.Configuration.ConfigurationManager.GetSection(System.String)
na System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
na System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
na System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
na System.Configuration.SettingsBase.GetPropertyValueByName(System.String)
na System.Configuration.SettingsBase.get_Item(System.String)
na System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String)
na System.Configuration.ApplicationSettingsBase.get_Item(System.String)
na DropboxOEM.Properties.Settings.get_ForegroundProcessPriority()
na DropboxOEM.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na DropboxOEM.App.Main()
Error: (12/11/2021 08:06:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3512,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 10:12:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 09:21:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/10/2021 09:08:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10264,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/11/2021 11:02:37 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:35:34 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:16:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:16:43 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 10:11:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/11/2021 10:11:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (12/11/2021 07:58:57 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/11/2021 07:58:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-37CD8RAU)
Description: Server Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-12-09 12:47:58.683
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BC999D4E-0424-4862-A3E8-EFD3E810A77E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-12-02 18:30:46.187
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3040F63C-B9DC-4F87-8638-B5EFC7274FF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2021-10-20 08:25:26.983
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ED7EF405-BC73-4851-BCA8-9A9C49A677B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-22 12:22:13.087
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {963FCF0A-224E-4C02-A332-592EF6D6297B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-06 18:42:39.341
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {482BCF45-7C29-41CA-8EF8-D44C4D0D2885}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-12-06 12:53:11.310
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:53:11.308
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:53:11.306
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2162.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-12-06 12:52:01.926
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.2023.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2021-12-02 18:28:55.157
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.1967.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
==================== Memory info ===========================
BIOS: Insyde F.13 09/07/2017
Motherboard: HP 8330
Processor: AMD A6-9220 RADEON R4, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 88%
Total physical RAM: 3981.68 MB
Available physical RAM: 452.61 MB
Total Virtual: 5753.25 MB
Available Virtual: 1054.11 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.85 GB) (Free:87.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.39 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{bb21006b-e1c2-46cc-af9b-f04b5d99354e}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{49195bd8-992a-42c8-8f2f-6bbdb9d91f04}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FB04E0DD)
Partition: GPT.
==================== End of Addition.txt =======================