VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu z FRST

https://forum.viry.cz:443/viewtopic.php?t=158601

Stránka 1 z 1

Prosím o kontrolu logu z FRST

Napsal: 22 bře 2022 22:04
od Krtek77
Zdravím,
po zapnutí PC a po připojení a odpojení manželčina telefonu (a zároveň jsem byl na facebooku) se mi zbláznilo AVG a začalo vyhazovat oznámení (celkem 96) "Zablokována hrozba....soubor [jméno - hodně číslic a písmen] byl přesunut do karantény, protože v něm byla objevena hroba VBS:Gamaredon-CM [Apt]"

Následně jsem smazal z karantény tyto soubory a udělal jsem sken PC pomocí malwarebytes i AVG a nic to nenašlo.
Prosím tedy pro klid duše o kontrolu logu z FRST.
Díky


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022
Ran by tkrpe (administrator) on DESKTOP-BFAJQ2D (Micro-Star International Co., Ltd. MS-7B87) (22-03-2022 21:50:23)
Running from C:\Users\tkrpe\Desktop
Loaded Profiles: tkrpe
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1586 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(A-Volute SAS -> A-Volute) C:\Users\tkrpe\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Razer USA Ltd. -> Razer Inc.) [File not signed] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
(svchost.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [190904 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [599056 2021-10-28] (Razer USA Ltd. -> Razer Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\tkrpe\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-03-30] () [File not signed]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (No File)
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {00d7d431-aa03-11ec-a8c1-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b696641-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b6967d5-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {ec07a370-d681-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2020-09-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2020-09-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01665AD6-6E2D-4D73-A92C-1A86C2461F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {08BD7B85-4101-4094-A0B3-F0628C110BD9} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {32BA4FF0-3B73-4FAB-A250-B713EBF56326} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3B41C374-0FA3-47A7-8A44-CD5FB88B60B6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2332984 2022-03-07] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {470E4CBA-710B-472A-A34C-7A06233F3988} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4F07AEE5-E7EE-4241-83D5-097D858758DC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {583BEE35-1C5F-4E15-8010-7637BD271282} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7D76B027-E48E-43F2-85C0-64C307F6CA26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F36CBF7-D28A-496C-A6D9-6D7AC936FD96} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8C8225C4-93AE-4E73-BE18-DD9EDA1FFB88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {92061CE5-7523-49B3-972C-C1B005F455C7} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [355840 2021-10-05] (Advanced Micro Devices, Inc.) [File not signed]
Task: {96EC998D-2C84-4E1D-9565-96142B30316A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5026232 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {AC18BA57-2658-4358-8E3B-D7B0ECACCB72} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B001D595-4EB3-4E05-AB62-4B073AFF520E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AMDInstallLauncher" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AMDLinkUpdate" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AMDRyzenMasterSDKTask" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\ModifyLinkUpdate" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\RTSS" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {B969FEF2-BA81-4F73-8A49-9535DEA4056C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {CB660A54-25D9-4B98-A54F-C69FC129C2E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4D21378-117C-4DE7-8E60-CCED8DB24DAF} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [417160 2021-02-27] (Alexey Nicolaychuk -> )
Task: {D602437E-A652-4052-BAAB-F1F221E1CD48} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E13D3BBD-A3F4-4DAB-90A4-101F6ED459E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAFFE63A-B0D6-42F7-AA67-8FDC45166900} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{09d4c20e-0c2b-4750-8bdb-0a44d5f5893a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{904ad7cb-90a6-4b5a-925c-a1b3caae4380}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bd3f4503-c6be-4827-81de-e06d44f03454}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bf4cbe26-8f0b-48c7-b859-142f3864e664}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\tkrpe\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-22]

FireFox:
========
FF DefaultProfile: 66uq2n4o.default
FF ProfilePath: C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\66uq2n4o.default [2019-12-10]
FF ProfilePath: C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330 [2022-03-22]
FF Homepage: Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330 -> hxxps://www.seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-22]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2022-03-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2020-02-04] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [596920 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1943992 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [596920 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8519280 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9199512 2018-02-26] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-03] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-02-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-02-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2020-07-10] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WPSService20; C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe [96768 2017-11-24] () [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-01-14] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [226464 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [369768 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [253040 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99424 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41488 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [267000 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [544880 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107992 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83056 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [854416 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [551576 2022-03-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215024 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [318872 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-03-22] (Malwarebytes Inc -> Malwarebytes)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12041824 2020-04-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51216 2016-05-12] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S2 AMDRyzenMasterDriverV17; \??\C:\Program Files\AMD\CNext\CNext\AMDRyzenMasterDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-22 21:48 - 2022-03-22 21:50 - 000027992 _____ C:\Users\tkrpe\Desktop\FRST.txt
2022-03-22 21:44 - 2022-03-22 21:50 - 000000000 ____D C:\FRST
2022-03-22 21:43 - 2022-03-22 21:42 - 002364928 _____ (Farbar) C:\Users\tkrpe\Desktop\FRST64.exe
2022-03-22 19:36 - 2022-03-22 19:37 - 000001378 _____ C:\Users\tkrpe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-03-22 19:36 - 2022-03-22 19:36 - 000000000 ____D C:\Users\tkrpe\AppData\Local\ESET
2022-03-22 18:56 - 2022-03-22 18:56 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-03-22 18:56 - 2022-03-22 18:56 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-03-22 18:56 - 2022-03-22 18:56 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-03-22 18:56 - 2022-03-22 18:56 - 000000004 ____H C:\ProgramData\cm-lock
2022-03-22 18:40 - 2022-03-22 18:40 - 000000000 ___HD C:\$AV_AVG
2022-03-11 13:19 - 2022-03-11 13:19 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 13:19 - 2022-03-11 13:19 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 13:19 - 2022-03-11 13:19 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 13:19 - 2022-03-11 13:19 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 13:19 - 2022-03-11 13:19 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-03-11 13:19 - 2022-03-11 13:19 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 13:12 - 2022-03-11 13:12 - 000000000 ___HD C:\$WinREAgent
2022-03-03 20:23 - 2022-03-03 20:23 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-27 22:20 - 2022-02-27 22:20 - 000000000 ____D C:\Users\tkrpe\AppData\Local\ATI
2022-02-26 12:49 - 2022-02-26 12:49 - 000000779 _____ C:\Users\Public\Desktop\Crysis 3.lnk
2022-02-20 19:51 - 2022-02-20 19:51 - 000337336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2022-02-20 19:51 - 2022-02-20 19:51 - 000215024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-22 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-22 21:21 - 2020-07-28 20:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-22 20:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-22 20:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-22 20:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-22 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-22 20:37 - 2021-11-20 20:47 - 000000000 ____D C:\Days Gone
2022-03-22 19:23 - 2022-02-15 17:52 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-22 19:23 - 2021-11-03 20:17 - 000002574 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-03-22 19:23 - 2021-11-03 20:15 - 000002732 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2022-03-22 19:23 - 2021-11-03 20:15 - 000002566 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-03-22 19:23 - 2021-11-03 20:14 - 000002460 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2022-03-22 19:23 - 2021-07-21 20:13 - 000002262 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-03-22 19:23 - 2021-07-21 20:13 - 000002182 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-03-22 19:23 - 2021-06-08 22:55 - 000002474 _____ C:\WINDOWS\system32\Tasks\RTSS
2022-03-22 19:23 - 2020-07-28 20:12 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-22 19:23 - 2020-07-28 20:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-22 19:23 - 2020-07-28 20:12 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-22 19:23 - 2020-07-28 20:12 - 000003310 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-03-22 19:23 - 2020-07-28 20:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-03-22 19:22 - 2019-12-10 23:10 - 000000000 ____D C:\Users\tkrpe\AppData\LocalLow\Mozilla
2022-03-22 19:16 - 2021-10-09 22:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-22 19:03 - 2020-07-28 20:12 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-22 19:03 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-22 19:03 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-22 18:57 - 2020-01-03 23:48 - 000000000 ____D C:\Users\tkrpe\AppData\Local\CrashDumps
2022-03-22 18:56 - 2021-03-25 20:48 - 000000000 ____D C:\Users\tkrpe\AppData\LocalLow\IGDump
2022-03-22 18:56 - 2020-07-28 20:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-22 18:56 - 2020-07-28 20:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-22 18:56 - 2019-12-11 00:49 - 000000000 ____D C:\ProgramData\AVG
2022-03-22 18:56 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-22 18:48 - 2021-03-16 01:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-22 18:48 - 2019-12-10 23:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-22 18:47 - 2019-12-10 23:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-22 18:21 - 2021-01-02 19:12 - 000000000 ____D C:\Users\tkrpe\AppData\Local\AMD_Common
2022-03-22 18:15 - 2022-01-18 21:20 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-22 18:11 - 2020-06-05 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-12 18:10 - 2020-01-28 21:22 - 000000000 ____D C:\Users\tkrpe\AppData\Roaming\vlc
2022-03-11 19:35 - 2021-01-28 23:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 19:35 - 2019-12-10 23:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 19:33 - 2019-12-10 23:03 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-11 17:52 - 2019-12-11 01:03 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-11 15:04 - 2020-07-28 20:07 - 005199904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-11 15:03 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-03-11 15:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 15:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 13:32 - 2019-12-10 22:32 - 000000000 ____D C:\Users\tkrpe\AppData\Local\D3DSCache
2022-03-11 13:19 - 2020-07-28 20:09 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-03 20:23 - 2020-08-18 20:38 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-03 20:23 - 2019-12-11 00:43 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-03 20:22 - 2019-12-11 00:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-03 20:22 - 2019-12-11 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-03 20:21 - 2019-12-11 00:50 - 000551576 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2022-03-03 01:07 - 2021-01-10 15:05 - 000000000 ____D C:\Users\tkrpe\AppData\Roaming\Origin
2022-03-03 01:07 - 2021-01-10 15:05 - 000000000 ____D C:\ProgramData\Origin
2022-03-02 21:21 - 2020-02-01 21:00 - 000000000 ____D C:\Users\tkrpe\AppData\Local\Origin
2022-02-25 23:48 - 2021-10-03 21:18 - 000000000 ____D C:\Users\tkrpe\Desktop\Hotovo
2022-02-21 21:15 - 2020-03-03 22:21 - 000000000 ____D C:\Users\tkrpe\Desktop\dům
2022-02-21 21:15 - 2020-02-04 21:08 - 000000000 ____D C:\Users\tkrpe\Graphisoft
2022-02-20 19:51 - 2020-10-25 16:39 - 000267000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2022-02-20 19:51 - 2020-04-21 20:47 - 000544880 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000854416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000369768 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000318872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000253040 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000226464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000107992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000099424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000083056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2022-02-20 19:51 - 2019-12-11 00:50 - 000041488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2022-02-20 19:51 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories ========

2020-01-08 23:39 - 2022-02-02 21:28 - 000007652 _____ () C:\Users\tkrpe\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.00 07/13/2018
Motherboard: Micro-Star International Co., Ltd. B450M GAMING PLUS (MS-7B87)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 39%
Total physical RAM: 16335.2 MB
Available physical RAM: 9861.15 MB
Total Virtual: 22223.2 MB
Available Virtual: 11889.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.01 GB) (Free:284.94 GB) NTFS
Drive e: () (Fixed) (Total:2794.5 GB) (Free:1062.25 GB) NTFS

\\?\Volume{bfd4a860-e51b-4e65-bc0e-063119748902}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{0242298c-7d4e-4f4d-abb7-d440655088ff}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{47674ca8-bacb-49d3-9538-40a9d28ced80}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 10:35
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 18:09
od Krtek77
Posílám log z AdwCleaner.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-23-2022
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1871 octets] - [23/03/2022 18:06:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 18:49
od Rudy
Dejte nové logy FRST+Addition.

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 19:00
od Krtek77
Posílám nové logy.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022
Ran by tkrpe (administrator) on DESKTOP-BFAJQ2D (Micro-Star International Co., Ltd. MS-7B87) (23-03-2022 18:57:14)
Running from C:\Users\tkrpe\Desktop
Loaded Profiles: tkrpe
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1586 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(A-Volute SAS -> A-Volute) C:\Users\tkrpe\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [190904 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [599056 2021-10-28] (Razer USA Ltd. -> Razer Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\tkrpe\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-03-30] () [File not signed]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {00d7d431-aa03-11ec-a8c1-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b696641-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b6967d5-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {ec07a370-d681-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2020-09-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2020-09-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01665AD6-6E2D-4D73-A92C-1A86C2461F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {08BD7B85-4101-4094-A0B3-F0628C110BD9} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {32BA4FF0-3B73-4FAB-A250-B713EBF56326} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3B41C374-0FA3-47A7-8A44-CD5FB88B60B6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2332984 2022-03-07] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4F07AEE5-E7EE-4241-83D5-097D858758DC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {583BEE35-1C5F-4E15-8010-7637BD271282} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7D76B027-E48E-43F2-85C0-64C307F6CA26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8944503E-3306-4040-8673-AD111639292C} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8C8225C4-93AE-4E73-BE18-DD9EDA1FFB88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {92061CE5-7523-49B3-972C-C1B005F455C7} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [355840 2021-10-05] (Advanced Micro Devices, Inc.) [File not signed]
Task: {96EC998D-2C84-4E1D-9565-96142B30316A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5026232 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {AC18BA57-2658-4358-8E3B-D7B0ECACCB72} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B001D595-4EB3-4E05-AB62-4B073AFF520E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB660A54-25D9-4B98-A54F-C69FC129C2E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4D21378-117C-4DE7-8E60-CCED8DB24DAF} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [417160 2021-02-27] (Alexey Nicolaychuk -> )
Task: {D602437E-A652-4052-BAAB-F1F221E1CD48} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F74192-82B5-4728-9C17-C84AF07E2C55} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E13D3BBD-A3F4-4DAB-90A4-101F6ED459E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAFFE63A-B0D6-42F7-AA67-8FDC45166900} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{09d4c20e-0c2b-4750-8bdb-0a44d5f5893a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{904ad7cb-90a6-4b5a-925c-a1b3caae4380}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bd3f4503-c6be-4827-81de-e06d44f03454}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bf4cbe26-8f0b-48c7-b859-142f3864e664}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\tkrpe\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-22]

FireFox:
========
FF DefaultProfile: 66uq2n4o.default
FF ProfilePath: C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\66uq2n4o.default [2019-12-10]
FF ProfilePath: C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330 [2022-03-23]
FF Homepage: Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330 -> hxxps://www.seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-22]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\tkrpe\AppData\Roaming\Mozilla\Firefox\Profiles\gbk2fvcj.default-release-1647972981330\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2022-03-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2020-02-04] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-03-04] (Autodesk, Inc. -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [596920 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1943992 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [596920 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8519280 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
S2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9199512 2018-02-26] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-03] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-02-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-02-15] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2020-07-10] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WPSService20; C:\Program Files (x86)\Edimax\Edimax AC600 Wireless LAN Driver\WPSService20.exe [96768 2017-11-24] () [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-01-14] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [226464 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [369768 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [253040 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99424 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41488 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [267000 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [544880 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107992 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83056 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [854416 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [551576 2022-03-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215024 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [318872 2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-03-22] (Malwarebytes Inc -> Malwarebytes)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12041824 2020-04-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51216 2016-05-12] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S2 AMDRyzenMasterDriverV17; \??\C:\Program Files\AMD\CNext\CNext\AMDRyzenMasterDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-23 18:06 - 2022-03-23 18:07 - 000000000 ____D C:\AdwCleaner
2022-03-23 18:05 - 2022-03-23 18:05 - 008540344 _____ (Malwarebytes) C:\Users\tkrpe\Desktop\AdwCleaner.exe
2022-03-22 21:48 - 2022-03-23 18:57 - 000022332 _____ C:\Users\tkrpe\Desktop\FRST.txt
2022-03-22 21:44 - 2022-03-23 18:57 - 000000000 ____D C:\FRST
2022-03-22 21:43 - 2022-03-22 21:42 - 002364928 _____ (Farbar) C:\Users\tkrpe\Desktop\FRST64.exe
2022-03-22 19:36 - 2022-03-22 19:37 - 000001378 _____ C:\Users\tkrpe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-03-22 19:36 - 2022-03-22 19:36 - 000000000 ____D C:\Users\tkrpe\AppData\Local\ESET
2022-03-22 18:56 - 2022-03-22 18:56 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-03-22 18:56 - 2022-03-22 18:56 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-03-22 18:56 - 2022-03-22 18:56 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-03-22 18:40 - 2022-03-22 18:40 - 000000000 ___HD C:\$AV_AVG
2022-03-11 13:19 - 2022-03-11 13:19 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 13:19 - 2022-03-11 13:19 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 13:19 - 2022-03-11 13:19 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 13:19 - 2022-03-11 13:19 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 13:19 - 2022-03-11 13:19 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-03-11 13:19 - 2022-03-11 13:19 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 13:12 - 2022-03-11 13:12 - 000000000 ___HD C:\$WinREAgent
2022-03-03 20:23 - 2022-03-03 20:23 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-27 22:20 - 2022-02-27 22:20 - 000000000 ____D C:\Users\tkrpe\AppData\Local\ATI
2022-02-26 12:49 - 2022-02-26 12:49 - 000000779 _____ C:\Users\Public\Desktop\Crysis 3.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-23 18:54 - 2022-02-15 17:52 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-23 18:53 - 2021-11-03 20:17 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-03-23 18:53 - 2021-11-03 20:15 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-03-23 18:53 - 2019-12-10 23:10 - 000000000 ____D C:\Users\tkrpe\AppData\LocalLow\Mozilla
2022-03-23 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-23 18:27 - 2021-11-03 20:15 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2022-03-23 18:27 - 2021-11-03 20:14 - 000002400 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2022-03-23 18:27 - 2021-07-21 20:13 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-03-23 18:27 - 2021-07-21 20:13 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-03-23 18:27 - 2021-06-08 22:55 - 000002414 _____ C:\WINDOWS\system32\Tasks\RTSS
2022-03-23 18:27 - 2020-07-28 20:12 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-23 18:27 - 2020-07-28 20:12 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-23 18:27 - 2020-07-28 20:12 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-23 18:27 - 2020-07-28 20:12 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-03-23 18:27 - 2020-07-28 20:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-03-23 18:00 - 2021-03-25 20:48 - 000000000 ____D C:\Users\tkrpe\AppData\LocalLow\IGDump
2022-03-23 17:54 - 2020-01-03 23:48 - 000000000 ____D C:\Users\tkrpe\AppData\Local\CrashDumps
2022-03-22 21:21 - 2020-07-28 20:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-22 20:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-22 20:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-22 20:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-22 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-22 20:37 - 2021-11-20 20:47 - 000000000 ____D C:\Days Gone
2022-03-22 19:16 - 2021-10-09 22:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-22 19:03 - 2020-07-28 20:12 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-22 19:03 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-22 19:03 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-22 18:56 - 2020-07-28 20:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-22 18:56 - 2020-07-28 20:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-22 18:56 - 2019-12-11 00:49 - 000000000 ____D C:\ProgramData\AVG
2022-03-22 18:56 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-22 18:48 - 2021-03-16 01:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-22 18:48 - 2019-12-10 23:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-22 18:47 - 2019-12-10 23:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-22 18:21 - 2021-01-02 19:12 - 000000000 ____D C:\Users\tkrpe\AppData\Local\AMD_Common
2022-03-22 18:15 - 2022-01-18 21:20 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-22 18:11 - 2020-06-05 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-12 18:10 - 2020-01-28 21:22 - 000000000 ____D C:\Users\tkrpe\AppData\Roaming\vlc
2022-03-11 19:35 - 2021-01-28 23:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 19:35 - 2019-12-10 23:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 19:33 - 2019-12-10 23:03 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-11 17:52 - 2019-12-11 01:03 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-11 15:04 - 2020-07-28 20:07 - 005199904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-11 15:03 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-03-11 15:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-11 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 15:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 13:32 - 2019-12-10 22:32 - 000000000 ____D C:\Users\tkrpe\AppData\Local\D3DSCache
2022-03-11 13:19 - 2020-07-28 20:09 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-03 20:23 - 2020-08-18 20:38 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-03 20:23 - 2019-12-11 00:43 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-03 20:22 - 2019-12-11 00:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-03 20:22 - 2019-12-11 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-03 20:21 - 2019-12-11 00:50 - 000551576 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2022-03-03 01:07 - 2021-01-10 15:05 - 000000000 ____D C:\Users\tkrpe\AppData\Roaming\Origin
2022-03-03 01:07 - 2021-01-10 15:05 - 000000000 ____D C:\ProgramData\Origin
2022-03-02 21:21 - 2020-02-01 21:00 - 000000000 ____D C:\Users\tkrpe\AppData\Local\Origin
2022-02-25 23:48 - 2021-10-03 21:18 - 000000000 ____D C:\Users\tkrpe\Desktop\Hotovo
2022-02-21 21:15 - 2020-03-03 22:21 - 000000000 ____D C:\Users\tkrpe\Desktop\dům
2022-02-21 21:15 - 2020-02-04 21:08 - 000000000 ____D C:\Users\tkrpe\Graphisoft

==================== Files in the root of some directories ========

2020-01-08 23:39 - 2022-02-02 21:28 - 000007652 _____ () C:\Users\tkrpe\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by tkrpe (23-03-2022 18:58:11)
Running from C:\Users\tkrpe\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1586 (X64) (2020-07-28 19:12:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4202080177-88069448-2828812736-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4202080177-88069448-2828812736-503 - Limited - Disabled)
Guest (S-1-5-21-4202080177-88069448-2828812736-501 - Limited - Disabled)
tkrpe (S-1-5-21-4202080177-88069448-2828812736-1001 - Administrator - Enabled) => C:\Users\tkrpe
WDAGUtilityAccount (S-1-5-21-4202080177-88069448-2828812736-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
FW: AVG Antivirus (Enabled) {77FCDD80-5C3B-5549-57A4-B1A62BD5FB8F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A Plague Tale Innocence (HKLM-x32\...\A Plague Tale Innocence_is1) (Version: - )
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AIDA64 Extreme v6.10 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.10 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.10.2 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{97e1a863-427f-481e-b259-b691eb7b45cd}) (Version: 21.0.1 - Intel Corporation)
ArchiCAD 15 R1 CZE (HKLM\...\001FFF2FFF15FF00FF1101F01F02F000-R1) (Version: 15.0 - Graphisoft)
ARCHICAD 22 R1 INT (HKLM\...\ARCHICAD 22.0 INT FULL R1 1) (Version: 22.0.0.6001 - GRAPHISOFT SE)
Assassin's Creed Brotherhood (HKLM-x32\...\Uplay Install 26) (Version: - Ubisoft)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version: - Ubisoft)
Assassin's Creed IV: Black Flag - Jackdaw Edition verze 1.07 (HKLM-x32\...\{27A21BA5-4062-4A7A-9796-6C5EDF7A64D1}_is1) (Version: 1.07 - )
Assassin's Creed Revelations (HKLM-x32\...\Uplay Install 40) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD 2021 - English (HKLM\...\{28B89EEF-4101-0409-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - English (HKLM\...\AutoCAD 2021 - English) (Version: 24.0.47.0 - Autodesk)
Autodesk AutoCAD 2021 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk CAD Manager Tools (HKLM\...\{28B89EEF-4111-0409-0110-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.16.2.0 - Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 22.1.3219 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Call of Duty - WWII (HKLM-x32\...\Call of Duty - WWII_is1) (Version: - )
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CodeMeter Runtime Kit v6.60a (HKLM\...\{34F620A7-AAD8-4C48-8ED6-9A8E7F894D15}) (Version: 6.60.2878.501 - WIBU-SYSTEMS AG)
Crysis (HKLM-x32\...\{E70E73B2-DABD-40E4-AE50-81B22567F418}) (Version: 1.1.1.6156 - Electronic Arts)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis 3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 11.0.0.2 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
Edimax AC600 Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.0.2.0 - Edimax Technology Co.)
eModel - MetLife (HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\eModel) (Version: 3.0.0.22 - MetLife)
Enscape 2.5.2.34 (HKLM\...\Enscape) (Version: 2.5.2.34 - Enscape GmbH)
Fallout 4 - Čeština (HKLM-x32\...\{1454E590-9236-408D-94F3-4C953C0D802C}) (Version: 1.0.2 - prekladyher.eu)
Forza Horizon 4 Ultimate Edition MULTi16 - ElAmigos verze 1.332.904.2 (HKLM-x32\...\{236DFCEC-29C2-4C1B-8598-32308D2B7BAB}_is1) (Version: 1.332.904.2 - Microsoft)
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
Grand Theft Auto V verze 1.0.1868 (HKLM-x32\...\{5E4842D9-2DAF-4C73-AB24-26A4CC2B1809}_is1) (Version: 1.0.1868 - )
GRAPHISOFT BIMx Desktop Viewer (HKLM\...\BIMx Viewer 22.0 GEN FULL R1 1) (Version: 2018.2.1534.0 - GRAPHISOFT SE)
GRAPHISOFT License Manager Tool (HKLM\...\License Manager Tool 20.0 INT FULL R1 1) (Version: 20.0.0.4590 - GRAPHISOFT SE)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Java(TM) 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Mafia - Definitve Edition (HKLM-x32\...\{D383B15E-3CE1-4B7F-8E88-F93D39BB2E5C}_is1) (Version: - hangar 13)
Malwarebytes version 4.5.5.175 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.5.175 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office Standard 2016 - cs-cz (HKLM\...\StandardRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Middle-Earth - Shadow of Mordor version 1951.6 (HKLM-x32\...\{CEFD5E8E-F81E-47DA-B3C1-79D1EAF02E92}_is1) (Version: 1951.6 - )
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 98.0.1 (x64 cs)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
MSI Afterburner 4.6.3 (HKLM-x32\...\Afterburner) (Version: 4.6.3 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.1.0.68 - Autodesk)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.41 - Razer Inc.)
RivaTuner Statistics Server 7.3.0 (HKLM-x32\...\RTSS) (Version: 7.3.0 - Unwinder)
RyzenMasterSDK (HKLM\...\{82BC68B8-48AD-422A-806D-83663E66BB86}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Shadow of the Tomb Raider Cpy Čeština (HKLM-x32\...\{F233C280-925A-422A-91DD-F99B398A76E6}) (Version: 1.0.0 - cpy)
Shadow of the Tomb Raider The Path Home (HKLM-x32\...\Shadow of the Tomb Raider The Path Home_is1) (Version: - )
SnowRunner verze 8.0 (HKLM-x32\...\{E257A908-31CC-41F4-8C06-C75EB1377A17}_is1) (Version: 8.0 - )
Speciální aplikace Autodesk 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Zoom (HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-18] (Microsoft Corporation)
Forza Horizon 4 -> E:\Forza Horizon 4 Ultimate Edition\Fh4 [2022-03-22] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> E:\Forza Horizon 4 Ultimate Edition\FH4_FortuneIsland [2020-01-03] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> E:\Forza Horizon 4 Ultimate Edition\FH4_Lego [2020-01-03] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4202080177-88069448-2828812736-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4202080177-88069448-2828812736-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\tkrpe\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-4202080177-88069448-2828812736-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-4202080177-88069448-2828812736-1001_Classes\CLSID\{a47fb05b-ec6f-030b-6e3b-e3725973b5b61}\InprocServer32 -> 0x6C4143414143624579543133446455425651424D61574E6C626E4E6C5A46527650564E736557647662334E6C4930567459576C7350574A736232356B615756666147466B58324666624739305832396D58325A31626B427A6232316C5957526B636D56 (the data entry has 202 more characters). => No File
CustomCLSID: HKU\S-1-5-21-4202080177-88069448-2828812736-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\cs-CZ\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-02-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-11] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-10 15:08 - 2022-02-15 20:30 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-01-10 15:08 - 2022-02-15 20:30 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-01-10 15:08 - 2022-02-15 20:30 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-02-15 20:30 - 2022-02-15 20:30 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-02-15 20:30 - 2022-02-15 20:30 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-02-15 20:30 - 2022-02-15 20:30 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-02-15 20:30 - 2022-02-15 20:30 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-02-15 20:30 - 2022-02-15 20:30 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-02-15 20:30 - 2022-02-15 20:30 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4202080177-88069448-2828812736-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2020-02-04] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-09-12 18:37 - 000001978 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 wit-ams-cloudservice.cloudapp.net
127.0.0.1 licensemanager.graphisoft.com
127.0.0.1 licensemanager-test.graphisoft.com
127.0.0.1 bimx-api.graphisoft.com
127.0.0.1 licensemanager-subtest.graphisoft.com
127.0.0.1 graphisoftid-subtest.graphisoft.com
127.0.0.1 graphisoftid-test.graphisoft.com
127.0.0.1 graphisoftid.graphisoft.com
127.0.0.1 ruleservice-api-subscr-test.graphisoft.com
127.0.0.1 ruleservice-api-test.graphisoft.com
127.0.0.1 ruleservice-api.graphisoft.com
127.0.0.1 license-manager-api.azurewebsites.net
127.0.0.1 waws-prod-am2-069.vip.azurewebsites.windows.net
127.0.0.1 waws-prod-am2-069.cloudapp.net
127.0.0.1 e5486.g.akamaiedge.net
127.0.0.1 e8218.dscb1.akamaiedge.net
127.0.0.1 par10s22-in-f232.1e100.net
127.0.0.1 par10s28-in-f8.1e100.net
127.0.0.1 par10s34-in-f8.1e100.net
127.0.0.1 gs-com.cloudapp.net
127.0.0.1 usagelogger.graphisoft.com
127.0.0.1 poneytelecom.eu
127.0.0.1 swupdate.graphisoft.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tkrpe\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Network Server.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1153D3DF-2D7B-4233-9F1A-E5652DDC364D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{3A6EE77F-DD83-45FD-BB03-35D2F478CCF4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{46383725-CE43-43FF-8DA9-97C3DF28586D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{12E14851-75F3-417F-A547-8446947DDA44}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EE163CFA-EC32-430A-983A-9A5CD3EF64D0}] => (Allow) E:\Assassin's Creed Revelations\ACRMP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{752DBF08-3530-47B5-8EB4-9F9571D8DFD0}] => (Allow) E:\Assassin's Creed Revelations\ACRMP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6807B94A-9E3D-46D4-92F8-08B36E0E91B8}] => (Allow) E:\Assassin's Creed Revelations\ACRPR.exe (Ubisoft Entertainment -> )
FirewallRules: [{FA037195-78FA-42DB-9333-5309471976F1}] => (Allow) E:\Assassin's Creed Revelations\ACRPR.exe (Ubisoft Entertainment -> )
FirewallRules: [{095C1801-ADFD-4070-949C-BD1F984BC8DA}] => (Allow) E:\Assassin's Creed Revelations\ACRSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{7FD24472-2248-4578-A574-7D206F467C73}] => (Allow) E:\Assassin's Creed Revelations\ACRSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{86AE1555-7382-4C84-BC17-B136D24061E7}] => (Allow) E:\Assassin's Creed Brotherhood\ACBMP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CD756607-BDF6-4B83-8B8D-E576CCA21958}] => (Allow) E:\Assassin's Creed Brotherhood\ACBMP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{1C787BD8-075C-41E5-B485-3DBB951F11F7}] => (Allow) E:\Assassin's Creed Brotherhood\ACBSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{7E492E23-0734-4631-8B69-C61DBB4D510E}] => (Allow) E:\Assassin's Creed Brotherhood\ACBSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{02B42942-09D2-462F-8C0D-7A715089AA11}] => (Allow) E:\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{D8CF23D3-A366-4E0E-960A-7DFC3B6C308A}] => (Allow) E:\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{27360A13-5092-4EBF-9409-BEE7D7AEC0D8}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [{FB9A9691-DE49-4228-B21A-6034609B14EE}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [{6BE0BEC0-6B34-43CA-9080-31FF1E625E24}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{46600990-ECB5-4A43-A848-680977BCB631}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{0B3B87F1-D4D7-4025-9DAB-B60485E30062}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{21F8827E-3ACB-4420-9DB4-BDFE84226E6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{69AFE4E5-AD6F-4402-A9EF-95454DC09EDF}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{98413388-AE43-42CC-91C3-223287C580D0}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{29717B2F-8BE3-4813-A4EB-1AD0958F25A4}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{D7ABEA9B-5895-4838-9640-67549213D89A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{F5CB3A3C-F96A-48C7-8F84-62434BAB07FA}] => (Block) C:\Program Files\Graphisoft\ARCHICAD 22\ARCHICAD.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{11242FAF-B8E7-4F99-B526-847841F8FE94}] => (Block) C:\Program Files\Graphisoft\ARCHICAD 22\CineRender\CineRenderNEM.exe (MAXON Computer GmbH -> MAXON Computer GmbH)
FirewallRules: [{E4E8511B-9284-4990-BEE6-25112D644AEA}] => (Block) C:\Program Files\Graphisoft\ARCHICAD 22\BIMxUploader.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{697E610F-2D44-403F-993A-2670F1B67F2D}] => (Block) C:\Program Files\Graphisoft\ARCHICAD 22\OverwatchServer.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{DFDAA84F-991F-44B1-B477-CE5518320955}] => (Allow) E:\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{8632A867-F9ED-4A8D-9AD0-0B71CB7ECB96}] => (Allow) E:\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{A64AC1D5-5B1D-4C54-B652-04C41B5CFD02}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe => No File
FirewallRules: [{6B2A093D-5966-4709-82CC-BF10191E357F}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe => No File
FirewallRules: [{9D38F10C-EFC4-4CE2-93DF-931A03DD5241}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{7B29F1C7-1C1E-4829-845A-B11631EB6B72}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{438FD71C-B96F-4253-9502-D606D3B23234}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{3A3D51F0-4941-4BD6-A056-718570906014}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{580A3F78-1DDA-42E3-A9BE-978B6726D0C4}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{48561F4A-58A6-4090-809A-691ACEF9CB10}] => (Allow) E:\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{C6DB3FDB-8514-4BFB-870F-00EF282B5184}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4583A29F-BBC6-48D7-8F52-FF02F78736BC}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9C626AAC-93AD-4232-8B0B-3BF0E3C60C24}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{0F9974CB-3441-4419-9C7E-B3785F530476}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{46122A47-351B-4185-976D-B0EACA1621C6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{44FCF9F8-88E0-4173-B244-03BBE3F2EBC5}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{38DFA1B5-3921-4A2D-9CBF-290A06F9BB4D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1B1E4D19-CE37-4FB4-B42A-84B2ECF2D161}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{608F0DDA-8E6D-4B0D-9E70-A879FF2D60AC}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9E28B919-D1FB-43E3-9A81-2C95B6929B8F}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9D64C358-0D84-4393-ACA1-FF32E6F56D30}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{06ABB027-4F7A-4008-AB1C-FE7352315267}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FFB0206-EC6D-4F3A-9E5B-2EB40463214D}] => (Allow) E:\Crysis\Crysis\Bin32\Crysis.exe => No File
FirewallRules: [{890FCE2E-DDE9-4299-83E3-6838EDE98A5A}] => (Allow) E:\Crysis\Crysis\Bin32\Crysis.exe => No File
FirewallRules: [{AB0F701B-45C6-4012-90FE-48EBFC73CEC6}] => (Allow) E:\Crysis\Crysis\Bin32\Editor.exe => No File
FirewallRules: [{BF2DC400-9683-4910-8759-36985CCA7DE7}] => (Allow) E:\Crysis\Crysis\Bin32\Editor.exe => No File
FirewallRules: [{568FFE0A-F9F9-4807-90DF-20ECC6EBAD75}] => (Allow) E:\Crysis\Crysis 2\bin32\Crysis2.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{881A6C85-889B-40C7-B6BA-5D1B2FC4D143}] => (Allow) E:\Crysis\Crysis 2\bin32\Crysis2.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{83D5BDE9-FF82-4C4E-8602-982B326CF3CD}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{58F4FC6B-A100-4E9C-A2CA-36AF96599DF0}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4E7DFEDB-E79C-4E00-B25E-47235AB6EAEE}] => (Allow) E:\Crysis\Crysis 3\Bin32\Crysis3.exe (Electronic Arts, Inc. -> Crytek GmbH)
FirewallRules: [{A22363F6-6934-4EF2-B6BE-3731BA92E287}] => (Allow) E:\Crysis\Crysis 3\Bin32\Crysis3.exe (Electronic Arts, Inc. -> Crytek GmbH)
FirewallRules: [{4FE3BC75-DF86-4757-9D12-BD7929D533BD}] => (Allow) E:\Crysis\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe (Crytek GmbH) [File not signed]
FirewallRules: [{6AE7BF9F-0F26-4B2B-B4CE-6091AB71EB88}] => (Allow) E:\Crysis\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe (Crytek GmbH) [File not signed]
FirewallRules: [{D40D6877-8EAE-4947-8257-EA645C8D50D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7EA6206F-926F-453B-B666-50EE51D20D23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34E5403F-E4CE-4665-A016-639E7D1AE53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A38A8405-96F6-4934-ABAA-08712B6E3A07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50EEF418-0D10-449F-A0CC-26B3C9714768}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A7E078E2-5D4A-4B50-B998-D0311F3CDED3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D8123321-F408-4328-B7FF-447E56464014}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86DF274F-19CE-41FF-A784-D9856E017DBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

22-03-2022 21:02:32 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/23/2022 05:54:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cpumetricsserver.exe, verze: 10.1.2.1884, časové razítko: 0x615c7dd8
Název chybujícího modulu: cpumetricsserver.exe, verze: 10.1.2.1884, časové razítko: 0x615c7dd8
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000076bc
ID chybujícího procesu: 0x2f48
Čas spuštění chybující aplikace: 0x01d83ed699850ae3
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
ID zprávy: 7453add7-4d43-4cd4-8104-872ab26f48bd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/22/2022 08:49:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/22/2022 06:57:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cpumetricsserver.exe, verze: 10.1.2.1884, časové razítko: 0x615c7dd8
Název chybujícího modulu: cpumetricsserver.exe, verze: 10.1.2.1884, časové razítko: 0x615c7dd8
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000076bc
ID chybujícího procesu: 0x3690
Čas spuštění chybující aplikace: 0x01d83e16406664f3
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
ID zprávy: e21005a1-f9fe-4320-b89a-9313f801e977
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/22/2022 06:56:44 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/22/2022 06:49:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cpumetricsserver.exe, verze: 10.1.2.1884, časové razítko: 0x615c7dd8
Název chybujícího modulu: cpumetricsserver.exe, verze: 10.1.2.1884, časové razítko: 0x615c7dd8
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000076bc
ID chybujícího procesu: 0x3a74
Čas spuštění chybující aplikace: 0x01d83e151e17ccd7
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
ID zprávy: 7be940d9-8d35-4564-bd74-9fa6ceab182b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/22/2022 06:48:37 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/22/2022 06:48:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/22/2022 06:48:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CodeMeter Runtime Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CmWebAdmin byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FlexNet Licensing Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WPS2.0 HW PBC Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2022 06:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2022-03-23 17:54:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-03-23 17:54:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.00 07/13/2018
Motherboard: Micro-Star International Co., Ltd. B450M GAMING PLUS (MS-7B87)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 34%
Total physical RAM: 16335.2 MB
Available physical RAM: 10731.62 MB
Total Virtual: 22223.2 MB
Available Virtual: 14811.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.01 GB) (Free:282.94 GB) NTFS
Drive e: () (Fixed) (Total:2794.5 GB) (Free:1062.25 GB) NTFS

\\?\Volume{bfd4a860-e51b-4e65-bc0e-063119748902}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{0242298c-7d4e-4f4d-abb7-d440655088ff}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{47674ca8-bacb-49d3-9538-40a9d28ced80}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 19:58
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {00d7d431-aa03-11ec-a8c1-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b696641-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b6967d5-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {ec07a370-d681-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
FirewallRules: [{A64AC1D5-5B1D-4C54-B652-04C41B5CFD02}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe => No File
FirewallRules: [{6B2A093D-5966-4709-82CC-BF10191E357F}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe => No File
FirewallRules: [{9D38F10C-EFC4-4CE2-93DF-931A03DD5241}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{7B29F1C7-1C1E-4829-845A-B11631EB6B72}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{438FD71C-B96F-4253-9502-D606D3B23234}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{3A3D51F0-4941-4BD6-A056-718570906014}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{580A3F78-1DDA-42E3-A9BE-978B6726D0C4}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9FFB0206-EC6D-4F3A-9E5B-2EB40463214D}] => (Allow) E:\Crysis\Crysis\Bin32\Crysis.exe => No File
FirewallRules: [{890FCE2E-DDE9-4299-83E3-6838EDE98A5A}] => (Allow) E:\Crysis\Crysis\Bin32\Crysis.exe => No File
FirewallRules: [{AB0F701B-45C6-4012-90FE-48EBFC73CEC6}] => (Allow) E:\Crysis\Crysis\Bin32\Editor.exe => No File
FirewallRules: [{BF2DC400-9683-4910-8759-36985CCA7DE7}] => (Allow) E:\Crysis\Crysis\Bin32\Editor.exe => No File

EmptyTemp:
Hists:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 20:36
od Krtek77
Zasílám fix log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by tkrpe (23-03-2022 20:29:43) Run:1
Running from C:\Users\tkrpe\Desktop
Loaded Profiles: tkrpe
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {00d7d431-aa03-11ec-a8c1-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b696641-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {8b6967d5-d682-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\...\MountPoints2: {ec07a370-d681-11ea-a87f-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
FirewallRules: [{A64AC1D5-5B1D-4C54-B652-04C41B5CFD02}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe => No File
FirewallRules: [{6B2A093D-5966-4709-82CC-BF10191E357F}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe => No File
FirewallRules: [{9D38F10C-EFC4-4CE2-93DF-931A03DD5241}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{7B29F1C7-1C1E-4829-845A-B11631EB6B72}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{438FD71C-B96F-4253-9502-D606D3B23234}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{3A3D51F0-4941-4BD6-A056-718570906014}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{580A3F78-1DDA-42E3-A9BE-978B6726D0C4}] => (Allow) C:\Users\tkrpe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9FFB0206-EC6D-4F3A-9E5B-2EB40463214D}] => (Allow) E:\Crysis\Crysis\Bin32\Crysis.exe => No File
FirewallRules: [{890FCE2E-DDE9-4299-83E3-6838EDE98A5A}] => (Allow) E:\Crysis\Crysis\Bin32\Crysis.exe => No File
FirewallRules: [{AB0F701B-45C6-4012-90FE-48EBFC73CEC6}] => (Allow) E:\Crysis\Crysis\Bin32\Editor.exe => No File
FirewallRules: [{BF2DC400-9683-4910-8759-36985CCA7DE7}] => (Allow) E:\Crysis\Crysis\Bin32\Editor.exe => No File

EmptyTemp:
Hists:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-4202080177-88069448-2828812736-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"HKU\S-1-5-21-4202080177-88069448-2828812736-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00d7d431-aa03-11ec-a8c1-001a7dda7111} => removed successfully
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b696641-d682-11ea-a87f-001a7dda7111} => removed successfully
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b6967d5-d682-11ea-a87f-001a7dda7111} => removed successfully
HKU\S-1-5-21-4202080177-88069448-2828812736-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec07a370-d681-11ea-a87f-001a7dda7111} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A64AC1D5-5B1D-4C54-B652-04C41B5CFD02}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B2A093D-5966-4709-82CC-BF10191E357F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D38F10C-EFC4-4CE2-93DF-931A03DD5241}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B29F1C7-1C1E-4829-845A-B11631EB6B72}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{438FD71C-B96F-4253-9502-D606D3B23234}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A3D51F0-4941-4BD6-A056-718570906014}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{580A3F78-1DDA-42E3-A9BE-978B6726D0C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9FFB0206-EC6D-4F3A-9E5B-2EB40463214D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{890FCE2E-DDE9-4299-83E3-6838EDE98A5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB0F701B-45C6-4012-90FE-48EBFC73CEC6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF2DC400-9683-4910-8759-36985CCA7DE7}" => removed successfully
Hists: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 408937546 B
Java, Flash, Steam htmlcache => 1647 B
Windows/system/drivers => 2158648405 B
Edge => 1482788 B
Firefox => 1088275104 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 372602 B
NetworkService => 372602 B
tkrpe => 516735906 B

RecycleBin => 101045 B
EmptyTemp: => 3.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-03-2022 20:35:24)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:35:24 ====

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 20:53
od Rudy
Smazáno. Log by již měl být OK.

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 20:55
od Krtek77
Super, mockrát děkuju. :thumbsup: :thumbsup:

Re: Prosím o kontrolu logu z FRST

Napsal: 23 bře 2022 21:54
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz