Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#1 Příspěvek od tepan »

Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by Petr (administrator) on TEPAN (04-05-2022 09:49:05)
Running from D:\Downloads
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\atieclxx.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <39>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(services.exe ->) () [File not signed] C:\Program Files\Allway Sync\Bin\SyncService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1613_none_7df538047ca074bb\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630552 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547040 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --do-not-de-elevate --flag-switches-begin --flag-switches-end --e (the data entry has 134 more characters). [3547040 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2020-09-30]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A48237D-5E77-4636-AD1B-5AC395A5068F} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1118200 2022-03-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1A759FE2-A1B5-4FE2-811D-AC9C39981464} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DDF55E8-F84E-4572-8628-BCFA063554C1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {200EA518-84E9-47D8-B1FE-5E295CF986A5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {30491167-089B-4CAA-95F2-4AE4C415F706} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53AB23AC-8EEC-4957-B2C6-6922771EE91E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {5DA70AA1-F3E1-40E1-A3A2-B3A0D0604AAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-25] (Google LLC -> Google LLC)
Task: {71E9041C-2F8B-467F-97EB-2E3C65F64244} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {8175F048-B512-4171-B833-01861426B0B0} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {88DACFAE-AEEF-4E4F-B4FA-F9AB2F937CAD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4148571483-3592684963-3718319802-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {91F34A0A-249B-4C20-BCCB-ABEC18A46B47} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {962E83BF-4C15-4A32-8DB1-EF3889607677} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2AA7524-DF4A-4357-BE67-57B1A0BDE138} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B1E9BC96-ABED-4210-8BD5-D0560BB86D38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-25] (Google LLC -> Google LLC)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {C56A57EE-B4C6-4BB3-82B9-1D4976DAF94F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C963CFBE-B837-47C4-81AF-7F4F12C2328C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2022-03-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CB5A6DB2-555E-474A-843A-C3E4FFE6FE77} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D4768DA9-04A9-4DE4-BAC1-B5B89D6A2156} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Petr\OneDrive\Plocha\AdwCleaner.exe [8199856 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
Task: {D8FEDA38-705C-455A-AB93-A2C78643649F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9C975BD-456B-40B0-90CE-5F42AA83DAC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA8A9E30-A9D1-40F6-9EBC-4E8B5F162E5F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-03-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION
Task: {EFFF7856-1392-4C35-9D26-4949052E44CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4857843-CF0C-4823-8375-4FA58F81EB4B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F6265E46-199F-4B6B-B9FD-DA3020321E8D} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-03-09] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F6CE90AF-CC8B-4A19-A317-AF7789E78BBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {FE8EEC74-DEBB-4BEC-8838-E046782EA8F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{9fddadb7-d77f-4285-9596-3a6f1ddef74d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
DownloadDir: D:\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxps://www.tipsport.cz; hxxps://www.facebook.com; hxxps://cpyskidrow.com; hxxps://ouo.press; hxxps://www1a.ramirocampos.pro; hxxps://www1a.debrahinton.pro; hxxps://www.file-up.org; hxxps://www1a.sherwoodsutton.pro; hxxps://www1a.bethanyharrell.pro; hxxps://www2a.debrahinton.pro
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-04]
Edge DownloadDir: Default -> D:\Downloads
Edge Notifications: Default -> hxxps://cz.bongacams.com; hxxps://nahehvezdy.cz; hxxps://wp.aliexpress.com; hxxps://www.aliexpress.com; hxxps://www.chatzone.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-04-07]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-05-02]
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-24]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-24]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-03-22]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [264192 2020-04-07] () [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncHelper.exe [3395992 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.065.0412.0004\OneDriveUpdaterService.exe [3868568 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2022-03-08] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0377495.inf_amd64_58cc395c0bf03a26\B377432\amdkmdag.sys [90159536 2022-03-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-27 16:50 - 2022-04-27 18:35 - 000000000 ____D C:\Users\Petr\OneDrive\Dokumenty\The Witcher 3
2022-04-27 16:44 - 2022-04-27 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2022-04-27 16:36 - 2022-04-27 16:37 - 000000000 ____D C:\Instalovane hry
2022-04-22 21:36 - 2022-04-22 21:36 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-22 21:36 - 2022-04-22 21:36 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-13 23:14 - 2022-04-13 23:14 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-13 23:14 - 2022-04-13 23:14 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 23:14 - 2022-04-13 23:14 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-13 23:14 - 2022-04-13 23:14 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 23:04 - 2022-04-13 23:04 - 000000000 ___HD C:\$WinREAgent
2022-04-07 17:20 - 2022-04-07 17:20 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\AMD
2022-04-07 17:20 - 2022-03-16 03:41 - 000110408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2022-04-05 19:27 - 2022-04-05 19:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\AMD
2022-04-05 19:27 - 2022-04-05 19:27 - 000000000 ____D C:\Users\Petr\AppData\Local\setup
2022-04-05 19:26 - 2022-04-05 19:26 - 000000000 ____D C:\Program Files (x86)\AMD
2022-04-05 19:17 - 2022-04-05 19:17 - 000002622 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2022-04-05 19:17 - 2022-04-05 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2022-04-05 19:17 - 2022-04-05 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-04-05 19:03 - 2022-04-05 19:03 - 000000000 ____D C:\Users\Petr\AppData\Local\AMDSoftwareInstaller
2022-04-05 18:51 - 2022-03-16 03:43 - 001913800 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001913800 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001484744 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001484744 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 001446368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 001446368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 001157976 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 001157976 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000798640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000675784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000559536 _____ C:\WINDOWS\system32\GameManager64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000502192 _____ C:\WINDOWS\system32\dgtrayicon.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 000494000 _____ C:\WINDOWS\system32\EEURestart.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 000420784 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000346008 _____ C:\WINDOWS\system32\clinfo.exe
2022-04-05 18:51 - 2022-03-16 03:43 - 000196016 _____ C:\WINDOWS\system32\mantle64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000180144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000179120 _____ C:\WINDOWS\system32\mantleaxl64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000157104 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000142768 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000142744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000092608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000077256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000048560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000045488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000030032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2022-04-05 18:51 - 2022-03-16 03:43 - 000030032 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 090031536 _____ C:\WINDOWS\system32\amd_comgr.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 074263496 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 001537968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 001415616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 001415616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000892336 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2022-04-05 18:51 - 2022-03-16 03:42 - 000527280 _____ C:\WINDOWS\system32\atieah64.exe
2022-04-05 18:51 - 2022-03-16 03:42 - 000470448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000395184 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2022-04-05 18:51 - 2022-03-16 03:42 - 000262576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000221616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000203552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000168344 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000167984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000151984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000151656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000141232 _____ C:\WINDOWS\system32\atidxx64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000139720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000135088 _____ C:\WINDOWS\system32\amdxc64.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000132552 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000122704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000115632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000115120 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000109976 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2022-04-05 18:51 - 2022-03-16 03:42 - 000072104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 069203376 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 001714232 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 001389744 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000943512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000770968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000560048 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000551944 _____ C:\WINDOWS\system32\amdmiracast.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000468376 _____ C:\WINDOWS\system32\amdlogum.exe
2022-04-05 18:51 - 2022-03-16 03:41 - 000423344 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000178272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000151632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2022-04-05 18:51 - 2022-03-16 03:41 - 000122728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2022-04-05 18:51 - 2022-03-16 03:40 - 000162088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2022-04-05 18:51 - 2022-03-16 03:40 - 000136840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2022-04-05 18:51 - 2022-03-16 03:16 - 056643200 _____ C:\WINDOWS\system32\amdxc64.so
2022-04-05 18:51 - 2022-03-16 03:16 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2022-04-05 18:51 - 2022-03-16 03:16 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2022-04-05 18:51 - 2022-03-16 03:16 - 000571400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2022-04-05 18:51 - 2022-03-16 03:16 - 000571400 _____ C:\WINDOWS\system32\atiapfxx.blb
2022-04-05 18:51 - 2022-03-16 03:16 - 000010702 _____ C:\WINDOWS\system32\atiacmLocalisation.ini

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-04 09:49 - 2020-11-26 11:05 - 000000000 ____D C:\FRST
2022-05-04 09:42 - 2019-10-15 17:00 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2022-05-04 09:33 - 2021-04-25 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-04 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-04 09:33 - 2019-10-15 10:32 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-04 03:40 - 2019-11-24 04:03 - 000000000 ____D C:\Program Files\CCleaner
2022-05-02 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-02 15:42 - 2021-04-25 22:33 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-02 15:42 - 2019-12-07 16:41 - 000716632 _____ C:\WINDOWS\system32\perfh005.dat
2022-05-02 15:42 - 2019-12-07 16:41 - 000144810 _____ C:\WINDOWS\system32\perfc005.dat
2022-05-02 15:42 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-02 15:39 - 2021-04-25 22:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-05-02 15:38 - 2021-08-10 11:03 - 000020196 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-05-02 15:38 - 2021-04-25 22:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-02 15:38 - 2020-09-21 15:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-02 15:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-02 15:38 - 2019-10-11 21:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-05-02 15:37 - 2021-04-25 22:32 - 000003172 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2022-05-02 15:36 - 2020-03-25 14:58 - 000000000 ____D C:\AdwCleaner
2022-05-02 15:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-02 14:22 - 2019-10-15 10:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2022-05-02 14:16 - 2019-10-15 11:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2022-05-02 07:45 - 2020-10-19 12:32 - 000000000 ____D C:\Filmy
2022-04-30 21:35 - 2020-07-14 04:46 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-27 23:07 - 2019-10-11 21:30 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2022-04-27 16:44 - 2019-10-11 21:28 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-26 12:47 - 2020-10-19 12:35 - 000000000 ____D C:\hry pred instalaci
2022-04-26 12:46 - 2021-09-12 21:38 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-04-26 11:58 - 2020-10-27 08:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EMPRESS
2022-04-26 11:53 - 2019-10-11 21:30 - 000000000 ____D C:\Users\Petr\AppData\Local\AMD
2022-04-21 21:38 - 2021-03-16 21:33 - 000000000 ____D C:\Users\Petr\AppData\Local\AMD_Common
2022-04-21 02:25 - 2021-12-12 18:35 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4148571483-3592684963-3718319802-1001
2022-04-21 02:25 - 2021-04-25 22:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-04-21 02:25 - 2020-02-06 07:42 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-20 08:16 - 2021-04-25 22:26 - 000000000 ____D C:\Users\Petr
2022-04-20 04:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-20 03:09 - 2020-07-25 08:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-20 03:03 - 2021-04-25 22:32 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-20 03:03 - 2021-04-25 22:32 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-13 23:45 - 2021-04-25 22:25 - 000443832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 23:44 - 2021-04-25 23:11 - 000000000 ____D C:\WINDOWS\en-GB
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-13 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 23:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 23:01 - 2019-10-11 21:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 22:59 - 2019-10-11 21:35 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-10 13:52 - 2021-04-26 06:20 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73a117b34c136
2022-04-10 13:52 - 2021-04-25 22:32 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 17:20 - 2019-10-11 21:28 - 000000000 ____D C:\Program Files\AMD
2022-04-06 01:10 - 2020-09-30 22:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-05 19:27 - 2019-10-11 21:27 - 000000000 ____D C:\AMD
2022-04-05 19:17 - 2022-03-22 16:23 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-04-05 19:17 - 2022-03-22 16:23 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR

==================== Files in the root of some directories ========

2020-09-21 14:06 - 2019-07-04 21:27 - 000452992 _____ (COMODO) C:\ProgramData\cmdres.dll
2020-04-06 11:56 - 2020-04-06 11:56 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-04-06 11:56 - 2020-04-06 11:56 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-11-12 11:08 - 2020-10-12 15:33 - 017838873 _____ (VS Revo Group) C:\Program Files (x86)\Revo Uninstaller Pro 4.2.3.exe
2020-10-26 00:11 - 2020-08-28 10:46 - 000036105 _____ () C:\Users\Petr\AppData\Local\crx.7z
2020-09-21 13:42 - 2020-09-30 09:43 - 000016438 _____ () C:\Users\Petr\AppData\Local\partner.bmp
2020-11-10 09:48 - 2020-11-12 10:59 - 000003040 _____ () C:\Users\Petr\AppData\Local\PlariumPlay.log
2019-10-11 21:56 - 2019-10-11 21:56 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by Petr (04-05-2022 09:51:36)
Running from D:\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1645 (X64) (2021-04-25 20:32:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4148571483-3592684963-3718319802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4148571483-3592684963-3718319802-503 - Limited - Disabled)
Guest (S-1-5-21-4148571483-3592684963-3718319802-501 - Limited - Disabled)
Petr (S-1-5-21-4148571483-3592684963-3718319802-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4148571483-3592684963-3718319802-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: COMODO Antivirus (Disabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Allway Sync (HKLM\...\{6E2A6AEF-1397-4888-BD6F-4C0D4968014D}) (Version: 20.0.5 - Botkind Inc.)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (HKLM\...\{567591EE-85F7-4E4D-AE28-FD65FCF4F201}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
CyberLink Ultra HD Blu-ray Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.3201 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.2.29539 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Horizon TV (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c95b0b82c5af06de43630c15663cdf58) (Version: 1.0 - Horizon TV)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
MediaHuman Audio Converter version 1.9.7.13 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7.13 - MediaHuman)
Messenger 73.2.121 (HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 73.2.121 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.32 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Outlook Express Backup V6.5 (HKLM-x32\...\Outlook Express Backup_is1) (Version: - Genie-Soft)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version: - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{B526C51D-E228-4AA0-BBBB-42EB7A90631E}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Shadow of the Tomb Raider Cpy Čeština (HKLM-x32\...\{F233C280-925A-422A-91DD-F99B398A76E6}) (Version: 1.0.0 - cpy)
Someday Youll Return (HKLM-x32\...\Someday Youll Return_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Unlocker (HKLM-x32\...\{5577A25D-E4FE-4BFB-A660-E0D766BC4EDD}) (Version: 1.9.2 - ajua Custom Installers)
Update for Skype for Business 2016 (KB5002106) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{CAD6A356-5D93-4C0F-B3B2-2E45264E3F34}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{CAD6A356-5D93-4C0F-B3B2-2E45264E3F34}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{CAD6A356-5D93-4C0F-B3B2-2E45264E3F34}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-26] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-06] (Microsoft Corporation)
PC Health Check -> C:\Program Files\WindowsApps\Microsoft.Windows.PCHealthCheck_3.3.0.0_x64__cw5n1h2txyewy [2021-12-08] (Microsoft Windows)
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09] (Nik Rolls)
Video Converter, Compressor MP4, 3GP, MKV, MOV, AVI - All Formats Media Converter -> C:\Program Files\WindowsApps\8075Queenloft.VideoConverterCompressorMP43GPMKVMOV_1.1.11.0_x64__g5dqhteqemct8 [2022-02-11] (Queenloft)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [BotkindSyncShellExtension] -> {9E2E6460-89FF-452A-A9BA-E62EB80B8539} => C:\Program Files\Allway Sync\Bin\ShellExtension.dll [2020-04-07] () [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-03-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Horizon TV.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml

==================== Loaded Modules (Whitelisted) =============

2022-03-09 18:44 - 2022-03-09 18:44 - 018143744 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\avcodec-58.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-03-08 10:57 - 2022-03-08 10:57 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2022-03-08 10:57 - 2022-03-08 10:57 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2022-03-09 18:43 - 2022-03-09 18:43 - 001764864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 02:30 - 2021-04-21 02:30 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2021-11-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2022-02-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-11-26 12:13 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2D21074F-C974-41F4-A57D-1C1720D5B804}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D1B36E6-56E5-43CA-9899-6F7E736770FD}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFE34C6B-A89C-4D44-94F0-6AC287B8C862}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A424A64C-8889-4CA6-A98C-9444586AA9B0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0D0D985D-B8DC-44A2-A47D-3E100EEA2332}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{92E9A390-8B39-4754-A87F-BAA1DC60CDA2}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F3C53057-7838-46E6-8070-B423ABCE3F54}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{31F8E07C-AD31-4A78-AD9E-7E8BD1E22634}] => (Allow) D:\Downloads\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{3331E4A6-556E-46BF-BEEB-17506B7B692F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0616D40-F28B-4098-9F26-7121D65B12C4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BDF124F-F167-472B-B53F-05236DE6E8C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05579D82-1060-49F2-B7C7-D71E22AFEAF0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AC432F64-0876-40BA-BEEC-65E4B3A96D2C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{830E9726-E213-4B83-B5ED-2A1CE79FA5DC}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7653A6A2-AA42-46D9-AF39-27E1C1CC69C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{25179E20-C49D-4227-936E-42077BC74DB3}D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe] => (Allow) D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{40558C21-E52B-461D-B6A8-D28D95792143}D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe] => (Allow) D:\downloads\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe (Rockstar Games) [File not signed]

==================== Restore Points =========================

26-04-2022 22:53:30 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/02/2022 03:39:59 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (05/02/2022 02:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x1714
Čas spuštění chybující aplikace: 0x01d85cdec1a4c850
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 95b59cf7-8398-4ec9-a763-2ced210532bf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/29/2022 07:47:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x2874
Čas spuštění chybující aplikace: 0x01d85b29c41dd480
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 291ccff9-4bfd-4d1f-88ac-7726c2f3a2a6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/28/2022 04:45:02 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (04/27/2022 04:29:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x189c
Čas spuštění chybující aplikace: 0x01d85a3c4caeb2d8
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 76b2fdc4-df86-48f3-95ac-8e5ea5e3f4c8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/27/2022 03:34:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x114
Čas spuštění chybující aplikace: 0x01d859a5baf24fe9
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b8cc5b74-e6fe-4a7a-8d0f-3ac84e2f5a1f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/26/2022 08:46:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.1620, časové razítko: 0x2ab009d1
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d17
ID chybujícího procesu: 0x311c
Čas spuštění chybující aplikace: 0x01d8599d3c17413a
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 50fd166d-005f-4d89-8beb-cb4bb6f65ed6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/26/2022 12:48:44 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.


System errors:
=============
Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba isesrv byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Botkind Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD Crash Defender Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/02/2022 03:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/26/2022 03:18:16 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (04/25/2022 10:43:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (04/24/2022 09:35:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.


CodeIntegrity:
===============
Date: 2022-05-04 09:48:06
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1804 07/29/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 75%
Total physical RAM: 8128.72 MB
Available physical RAM: 2004.68 MB
Total Virtual: 16257.44 MB
Available Virtual: 3257.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.91 GB) (Free:14.35 GB) NTFS
Drive d: () (Fixed) (Total:447.13 GB) (Free:4.83 GB) NTFS

\\?\Volume{06f3911c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 06F39101)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 06F3911C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#2 Příspěvek od JaRon »

ahoj,
citat"
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#3 Příspěvek od tepan »

Ahoj. Spustím poznámkový blok, zkopíruju do něj text, dám uložit jako fixlist.txt a uložím vedle FRST a vyskočí mi hláška - viz. příloha ... log se nevytvoří...
Přílohy
Bez názvu.jpg
Bez názvu.jpg (70.62 KiB) Zobrazeno 2680 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#4 Příspěvek od JaRon »

Skontroluj, aby oba subory frst.exe aj fixlist.txt boli na pracovnej ploche
Podla obrazku tam mas zastupcov - subory su niekde inde
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#5 Příspěvek od tepan »

Díky.Pro příště jsem poučen. A přikládám fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by Petr (06-05-2022 07:45:54) Run:2
Running from C:\Users\Petr\OneDrive\Plocha
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a36-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {be542a4b-a650-11eb-9d45-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {596FB038-E37F-4C52-B656-2EE2B5BAC0F7} - System32\Tasks\Adobe Flash Player => C:\Users\Petr\AppData\Local\Microsoft\Windows\GameExplorer\makecab.exe (No File)
Task: {7AE3746B-8119-4786-A2BF-4C042AF0A679} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe -pool us1.ethermine.org:4444 -pool2 us2.ethermine.org:4444 -wal 0x77754D67409A0dC8339588BEaFe3d71b9547428a.MyRig -proto 3 (No File)
Task: {C35DB636-CB33-41F9-AF48-561E8F849516} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [File not signed]
Task: {DE219F6F-E670-42B8-9944-A2083F1B0BF9} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION
Task: {E52EB04F-A13D-43D5-9702-ADB0938DF6DB} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => C:\Windows\SysWOW64\XPSViewer\TasksG\G-1-38-45\TG_1.4.35.34.exe (Access Denied) <==== ATTENTION <==== ATTENTION



EmptyTemp:
Reboot:
End
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be542a36-a650-11eb-9d45-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be542a4b-a650-11eb-9d45-40b0765e7062} => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{596FB038-E37F-4C52-B656-2EE2B5BAC0F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{596FB038-E37F-4C52-B656-2EE2B5BAC0F7}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AE3746B-8119-4786-A2BF-4C042AF0A679}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE3746B-8119-4786-A2BF-4C042AF0A679}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetFramework\Microsoft .NET Framework" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C35DB636-CB33-41F9-AF48-561E8F849516}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C35DB636-CB33-41F9-AF48-561E8F849516}" => removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE219F6F-E670-42B8-9944-A2083F1B0BF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE219F6F-E670-42B8-9944-A2083F1B0BF9}" => removed successfully
C:\WINDOWS\System32\Tasks\ByteFence => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence" => removed successfully
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" could not be unlocked. <==== ATTENTION" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" was unlocked. <==== ATTENTION" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E52EB04F-A13D-43D5-9702-ADB0938DF6DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52EB04F-A13D-43D5-9702-ADB0938DF6DB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineHD" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28863400 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 60120671 B
Edge => 0 B
Chrome => 163840 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10706 B
NetworkService => 30468 B
Petr => 1619994 B

RecycleBin => 917 B
EmptyTemp: => 87.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:45:59 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#6 Příspěvek od JaRon »

OK, vycistene - je este nejaky problem :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#7 Příspěvek od tepan »

moc dlouho jsem čekat nemusel a je to tu znovu. viz. příloha
Přílohy
virus 2.jpg
virus 2.jpg (43.96 KiB) Zobrazeno 2655 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#8 Příspěvek od JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#9 Příspěvek od tepan »

přeskenováno...nic nenašel.
Přílohy
virus3.jpg
virus3.jpg (27.99 KiB) Zobrazeno 2650 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#10 Příspěvek od JaRon »

pripada mi to ako falosna hlaska o viruse
mas tam nainstalovany McAfee na ktory sa odvolava :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#11 Příspěvek od tepan »

ne, nemám... je to nějaký pop-up..jediný co použžívám je Comodo anti virus. Každopádně to vyskakuje, a to určitě není v pořádku. Sám si s tím ovšem neporadím...Proto jsem taky tady :)

toto mi našel Malwares bytes před 4mi dny (to jsem si už myslel,že už bude vše v pořádku - ale není) Teď mi Malwares bytes hlásí , že nic nevidí.
Přílohy
virus 4.jpg
virus 4.jpg (57.6 KiB) Zobrazeno 2643 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#12 Příspěvek od JaRon »

je potrebne zistit, co tuto hlasku vyvolava :???:
pravdepodobne niektory internetovy prehliadac, skus ho docasne zmenit na niektory z dvojice Edge-Firefox
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#13 Příspěvek od tepan »

Teď nechápu...To jako, že si mám nastavit jiný "domovsjý prohlížeč" ? Teď mám nastaven Edge

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#14 Příspěvek od JaRon »

ano dobre si pochopil docasne namiesto Edge pouzivaj Firefox a sleduj, ci znovu vyskoci hlaska o viruse
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

tepan
Návštěvník
Návštěvník
Příspěvky: 232
Registrován: 22 pro 2006 21:11
Bydliště: Sumperk

Re: Prosím o kontrolu logu a vyčištění. Vyskakuje hláška o trojanu.

#15 Příspěvek od tepan »

O.k....stáhnul jsem Firefox a dal jej jako výchozí...Jen mám dotaz...pokud se hláška objevovat nebude,co to pro mě znamená?..Já chci nadále používat Edge. Nicméně,teď tedy počkám, zda se to bude objevovat nebo ne.

Zamčeno