Dobrý den,
Prosím o preventivní kontrolu. Občas mám pocit, jako by se PC náhlůe zpomalilo. Ale taky to můžou být jen aktualizace něčeho...
Díky moc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022
Ran by dell (administrator) on DESKTOP-D488AUL (Dell Inc. OptiPlex 7010) (30-07-2022 16:52:31)
Running from C:\Users\dell\Desktop
Loaded Profiles: dell
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1826 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <4>
(C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(services.exe ->) (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2917496 2021-06-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213760 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4114688 2022-07-30] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [AvastBrowserAutoLaunch_D982C07C112FE48696510282A5786B0F] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2793640 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\dell\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-01-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32599440 2021-05-23] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\dell\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\dell\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\RunOnce: [Uninstall 22.131.0619.0001_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dell\AppData\Local\Microsoft\OneDrive\22.131.0619.0001_1" (No File)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\MountPoints2: {4a3933a3-4928-11eb-a37c-1803733a5c0d} - "D:\HTC_Sync_Manager_PC.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\103.0.17593.114\Installer\chrmstp.exe [2022-07-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {089710EA-FB05-4C5B-90D6-8B059C49D9A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D28AA46-F9B8-49A1-AF31-90F341BDA0CF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414664 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {294672B6-6885-463C-80ED-5BBC146BF29F} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6667600 2022-07-28] (Avast Software s.r.o. -> Avast Software)
Task: {332C45CE-659B-4027-A64C-B6BC1E0A5200} - System32\Tasks\Opera scheduled Autoupdate 1602170678 => C:\Users\dell\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C} - System32\Tasks\CCleanerSkipUAC - dell => C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (No File)
Task: {4BF8A713-62CD-4534-832F-DFD6F08AD4FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {689A6AB0-C0E3-448E-8336-8EBEA6DB88A8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1000904 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {73565860-BB81-41F5-AA7B-C8B74D205118} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7E260ACD-E895-433B-88A9-5FDD7E083EF0} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2793640 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
Task: {8027766F-887D-4CA4-95CF-D8D3A9D6C939} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {82D40958-D0B7-4E0F-B6C8-30157FB8B4D4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4938496 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
Task: {853E0061-9538-481F-85EA-A76444CA804E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414664 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {886EA287-5429-470B-BF3E-6CE006A79D1B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {912E285A-32FD-4DFB-936A-EB943AFCDF2A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A34A74A1-5A48-486D-A16C-5CBC73FDEA64} - System32\Tasks\Opera scheduled assistant Autoupdate 1602170707 => C:\Users\dell\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\dell\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AF4D108A-A7FC-42FC-92D6-80A5E02DBF08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {B5663821-34FC-4454-8E43-5899EC5D0AB7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF46B781-9DA5-4A78-8C5F-386734A12A12} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4614912 2022-07-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid b592ec50-1816-4984-ab2a-458637d485af
Task: {C1C3EA6F-2225-4E8C-A5E3-B0EA8AB107DE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D53BCCEE-DF59-4D9D-B17F-FD6981981514} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D5E16C75-FDB0-467F-BBD7-CF547EE7E9FE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2793640 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
Task: {E32F9D85-A982-4B41-ABCF-3929F5BEEB25} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {FE5AD924-B25E-4FD2-8BDE-BCED35968FB3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{3c1b91c8-bb55-43df-9a3a-5f74ed00f40a}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{ecb2025f-d8a5-44f9-84e9-ef289e4a4eff}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-30]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: be5xdxw8.default
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\be5xdxw8.default [2022-05-23]
FF NewTab: Mozilla\Firefox\Profiles\be5xdxw8.default -> hxxps://securesearch.org/homepage?hp=2&pId=AR190201&iDate=2020-10-08 03:26:00&bName=
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\be5xdxw8.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yq4xklgc.default-release [2022-07-30]
FF Homepage: Mozilla\Firefox\Profiles\yq4xklgc.default-release -> centrum.cz
FF NewTab: Mozilla\Firefox\Profiles\yq4xklgc.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=AR190201&iDate=2020-10-08 03:26:00&bName=
FF Notifications: Mozilla\Firefox\Profiles\yq4xklgc.default-release -> hxxps://www.sport.cz; hxxps://www.letemsvetemapplem.eu; hxxps://www.national-geographic.cz
FF Extension: (Video DownloadHelper) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yq4xklgc.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2022-07-30]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-07-30]
CHR Extension: (Hudba Google Play) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-11-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-30]
CHR Extension: (Centrum.cz Email Notifikátor) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm [2020-01-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\dell\AppData\Roaming\Opera Software\Opera Stable [2022-01-04]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8486968 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [590080 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2009344 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [589056 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\103.0.17593.114\elevation_service.exe [1991960 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15703296 2022-07-30] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111288 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [435384 2022-03-31] (VMware, Inc. -> VMware, Inc.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [473224 2022-02-01] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [293000 2022-03-01] (FabulaTech, LLP -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-05] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6232176 2022-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [770696 2022-03-01] (FabulaTech, LLP -> VMware)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235584 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [385560 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258072 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104976 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25048 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47976 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274536 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553928 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113984 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [89056 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [860416 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [668208 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221528 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324864 2022-07-15] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 kinonivd; C:\WINDOWS\System32\drivers\kinonivd.sys [283672 2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [31256 2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66520 2018-05-05] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2018-05-05] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-30 16:52 - 2022-07-30 16:54 - 000029581 _____ C:\Users\dell\Desktop\FRST.txt
2022-07-30 16:52 - 2022-07-30 16:52 - 000000000 ____D C:\Users\dell\Desktop\FRST-OlderVersion
2022-07-22 17:24 - 2022-07-22 17:24 - 000646087 _____ C:\Users\dell\Downloads\Nezvany host - Jackson, Lisa.epub
2022-07-22 17:18 - 2022-07-22 17:18 - 000728398 _____ C:\Users\dell\Downloads\reznice-z-male-barmy.epub
2022-07-22 17:15 - 2022-07-22 17:15 - 000898785 _____ C:\Users\dell\Downloads\Kasmirovy sal - Thomasova Rosie.epub
2022-07-22 17:13 - 2022-07-22 17:13 - 001247445 _____ C:\Users\dell\Downloads\Murakami, Haruki - Komturova smrt.epub
2022-07-17 18:07 - 2022-07-30 16:52 - 002369536 _____ (Farbar) C:\Users\dell\Desktop\FRST64.exe
2022-07-17 17:10 - 2022-07-17 17:10 - 000849271 _____ C:\Users\dell\Downloads\Nech me lhat - MacKintosh Clare.epub
2022-07-16 21:42 - 2022-07-16 21:54 - 3771362156 _____ C:\Users\dell\Downloads\Stranger.Things.S04E09.Chapter.Nine.The.Piggyback.1080p.cz.tit.mkv
2022-07-16 21:42 - 2022-07-16 21:49 - 432258617 _____ C:\Users\dell\Downloads\Stranger.Things.S04E08.Chapter.Eight.Papa.1080p.cz.tit.mkv
2022-07-16 21:08 - 2022-07-16 21:09 - 1471841360 _____ C:\Users\dell\Downloads\Jitřní záře 06 CZ.mp4
2022-07-16 21:00 - 2022-07-16 21:02 - 1329142132 _____ C:\Users\dell\Downloads\Jitřní záře 05 CZ.avi
2022-07-16 20:59 - 2022-07-16 21:01 - 671209836 _____ C:\Users\dell\Downloads\Jitřní záře 04 CZ.avi
2022-07-16 20:58 - 2022-07-16 21:00 - 856152200 _____ C:\Users\dell\Downloads\Jitřní záře 02 CZ.avi
2022-07-16 20:58 - 2022-07-16 21:00 - 704552570 _____ C:\Users\dell\Downloads\Jitřní záře 03 CZ.avi
2022-07-16 20:57 - 2022-07-16 20:59 - 787845854 _____ C:\Users\dell\Downloads\Jitřní záře 01 CZ.avi
2022-07-15 07:58 - 2022-07-15 07:58 - 000270592 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-07-15 07:58 - 2022-07-15 07:58 - 000221528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-07-14 22:43 - 2022-07-14 22:43 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-14 22:43 - 2022-07-14 22:43 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-14 22:43 - 2022-07-14 22:43 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-14 22:43 - 2022-07-14 22:43 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-14 22:43 - 2022-07-14 22:43 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-14 22:42 - 2022-07-14 22:42 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-14 22:42 - 2022-07-14 22:42 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-14 22:42 - 2022-07-14 22:42 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-14 22:42 - 2022-07-14 22:42 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-14 22:41 - 2022-07-14 22:41 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-14 22:41 - 2022-07-14 22:41 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-14 22:41 - 2022-07-14 22:41 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-14 22:41 - 2022-07-14 22:41 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-14 22:40 - 2022-07-14 22:40 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-14 22:39 - 2022-07-14 22:39 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-14 22:37 - 2022-07-14 22:37 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-14 22:37 - 2022-07-14 22:37 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-14 22:36 - 2022-07-14 22:36 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-14 22:36 - 2022-07-14 22:36 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-14 21:33 - 2022-07-14 21:33 - 000000000 ___HD C:\$WinREAgent
2022-07-09 20:49 - 2022-07-09 20:49 - 000001162 _____ C:\Users\dell\Desktop\kočička Sofie.docx – zástupce.lnk
2022-07-09 16:06 - 2022-07-09 16:06 - 611833764 _____ C:\Users\dell\Downloads\Audiokniha Cole Daniel - Imitátor (2021).rar
2022-07-02 17:30 - 2022-07-02 17:32 - 1650392794 _____ C:\Users\dell\Downloads\CHILD Lee - Jatka (audiokniha)(grevill).rar
2022-07-02 17:28 - 2022-07-02 17:29 - 503718949 _____ C:\Users\dell\Downloads\audiokniha-M.Kodýdek-Makléř.rar
2022-07-02 17:26 - 2022-07-02 17:27 - 541375706 _____ C:\Users\dell\Downloads\Escobar Mario - Osvětimská ukolébavka audio kniha (Hybnerová Vanda-Lněnička Petr).rar
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-30 16:53 - 2021-08-22 10:55 - 000000000 ____D C:\FRST
2022-07-30 16:53 - 2020-01-18 18:41 - 000000000 ____D C:\Users\dell\AppData\LocalLow\Mozilla
2022-07-30 16:49 - 2021-09-09 21:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-30 16:49 - 2020-01-18 20:39 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-30 16:47 - 2021-10-10 16:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-30 16:47 - 2020-01-18 18:41 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-30 16:46 - 2021-12-13 23:48 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2928999788-1073042996-272343193-1001
2022-07-30 16:46 - 2020-08-21 18:32 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-30 16:46 - 2020-08-21 18:32 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-07-30 16:46 - 2020-08-21 18:32 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-30 16:46 - 2020-08-21 18:32 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-07-30 16:46 - 2020-08-21 18:32 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2928999788-1073042996-272343193-1001
2022-07-30 16:46 - 2020-08-21 18:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-07-30 16:32 - 2020-01-19 23:23 - 000000000 ____D C:\Users\dell\AppData\Roaming\Telegram Desktop
2022-07-30 16:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-30 16:22 - 2020-10-08 17:38 - 000000000 ____D C:\Users\dell\AppData\Roaming\VMware
2022-07-30 16:22 - 2020-01-18 20:52 - 000000000 ____D C:\Users\dell\AppData\Local\AVAST Software
2022-07-30 16:22 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-07-30 16:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-30 16:21 - 2022-05-18 17:08 - 000163744 _____ C:\ProgramData\vmware-view.profile
2022-07-30 16:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-30 16:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-30 16:16 - 2020-06-04 19:26 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-30 16:05 - 2021-02-27 23:44 - 000002374 _____ C:\Users\dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-22 22:14 - 2020-06-04 22:27 - 000000000 ____D C:\Users\dell\Downloads\Telegram Desktop
2022-07-22 16:27 - 2020-01-18 20:39 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-22 16:27 - 2020-01-18 20:39 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-21 21:51 - 2019-12-02 16:21 - 000000000 ____D C:\Users\dell\AppData\Local\PlaceholderTileLogoFolder
2022-07-21 21:51 - 2019-06-21 15:23 - 000000000 ____D C:\Users\dell\AppData\Local\Publishers
2022-07-21 21:51 - 2019-06-21 15:22 - 000000000 ____D C:\Users\dell\AppData\Local\Packages
2022-07-20 06:52 - 2020-01-18 20:18 - 000000000 ____D C:\Program Files\Microsoft Office
2022-07-17 18:16 - 2020-01-18 20:41 - 000000000 ____D C:\ProgramData\AVAST Software
2022-07-17 18:14 - 2020-10-08 17:35 - 000000000 ____D C:\ProgramData\VMware
2022-07-17 18:12 - 2020-08-21 18:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-17 18:12 - 2020-08-21 18:08 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-17 18:12 - 2020-08-21 18:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-17 18:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-07-17 18:11 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-17 17:39 - 2020-01-18 21:18 - 000000000 ____D C:\Users\dell\AppData\Local\CrashDumps
2022-07-15 07:59 - 2020-08-21 18:32 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-07-15 07:58 - 2020-10-13 21:30 - 000274536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-07-15 07:58 - 2020-04-21 21:37 - 000553928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000860416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000668208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000385560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000324864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000258072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000113984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000104976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000089056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-07-15 07:58 - 2020-01-18 20:42 - 000047976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-07-15 07:58 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-07-15 07:52 - 2020-08-21 18:30 - 001701418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-15 07:52 - 2019-12-07 16:43 - 000719492 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-15 07:52 - 2019-12-07 16:43 - 000146196 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-15 07:41 - 2020-01-18 18:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-15 07:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-15 07:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-15 07:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-15 07:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-15 07:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-15 07:34 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-07-15 07:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-15 07:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-14 22:36 - 2020-08-21 18:13 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-14 21:27 - 2020-01-18 19:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-14 21:09 - 2020-01-18 19:05 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 22:15 - 2020-03-23 23:57 - 000000000 ____D C:\Users\dell\AppData\Roaming\vlc
2022-07-13 15:55 - 2020-01-18 20:52 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-07-09 20:48 - 2020-01-21 22:13 - 000000000 ____D C:\Users\dell\Documents\Soubory Outlooku
==================== Files in the root of some directories ========
2020-10-08 22:10 - 2020-10-08 22:49 - 000001238 _____ () C:\Users\dell\AppData\Roaming\droid4xinstaller.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2022
Ran by dell (30-07-2022 17:01:54)
Running from C:\Users\dell\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1826 (X64) (2020-08-21 16:33:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2928999788-1073042996-272343193-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2928999788-1073042996-272343193-503 - Limited - Disabled)
dell (S-1-5-21-2928999788-1073042996-272343193-1001 - Administrator - Enabled) => C:\Users\dell
Guest (S-1-5-21-2928999788-1073042996-272343193-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2928999788-1073042996-272343193-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 22.2.12024.7688 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 103.0.17593.114 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1086 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{9C42268E-4541-43F5-9D88-D9D12DB39EBC}) (Version: 4.8.0 - Kovid Goyal)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.1.5 - CEWE Stiftung u Co. KGaA)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{7563302D-BD6B-4153-BA7D-3E3432E7C22D}) (Version: 7.5.6 - Intel Corporation)
IrfanView 4.59 (64-bit) (HKLM\...\IrfanView64) (Version: 4.59 - Irfan Skiljan)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft .NET Host - 6.0.3 (x86) (HKLM-x32\...\{6602D3D8-3B3B-403C-802C-CEA93C5552F0}) (Version: 48.15.37625 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.3 (x86) (HKLM-x32\...\{2A367180-D4CC-4957-9FB8-DC73B5973A66}) (Version: 48.15.37625 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.3 (x86) (HKLM-x32\...\{A40FC77D-3234-41D7-9FF8-2B1CA7F30715}) (Version: 48.15.37625 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15330.20264 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.77 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\Teams) (Version: 1.2.00.34161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30708 (HKLM-x32\...\{52ad9b34-7229-4fa5-b36d-bbe3393d7f20}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30708 (HKLM-x32\...\{C27CC672-3095-4DA8-9805-9BB2A4065704}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30708 (HKLM-x32\...\{D436A6E9-EC92-40C9-BF09-1EF1D0ED8BCB}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.3 (x86) (HKLM-x32\...\{44af261a-525b-4772-9a63-b5dde6e885da}) (Version: 6.0.3.31024 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.3 (x86) (HKLM-x32\...\{7AA89A3B-EFD3-4E74-A24C-A0C5F77B2830}) (Version: 48.15.37635 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 103.0 (x64 cs)) (Version: 103.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6127 - Realtek Semiconductor Corp.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.34161 - Microsoft Corporation)
Telegram Desktop version 4.0.2 (HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.0.2 - Telegram FZ-LLC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VMware Horizon Client (HKLM\...\{34D8C062-1C96-4747-95F5-1A74D7293B43}) (Version: 8.5.0.26981 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{0120fb9d-5f66-470e-9cc2-831b43a6ec6d}) (Version: 8.5.0.26981 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{496D3031-A0D3-4CEC-9C55-698DD50B42F1}) (Version: 8.5.0 - VMware, Inc.) Hidden
VMware Horizon Media Engine 13.0.0.0 (64-bit) (HKLM\...\{B2F4FB23-09B9-4115-B1E9-767DFF2692EF}) (Version: 13.0.0.0 - VMware, Inc.) Hidden
VMware Horizon Media Redirection for Microsoft Teams (HKLM\...\{F76DF889-94BB-4156-91B6-C4877F38E783}) (Version: 8.5.0 - VMware, Inc.) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.21.71.0_x64__kgqvnymyfvs32 [2022-07-30] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa [2022-05-21] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-30] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2928999788-1073042996-272343193-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\dell\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2928999788-1073042996-272343193-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dell\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-15] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2018-05-05] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2018-05-05] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
==================== Loaded Modules (Whitelisted) =============
2019-10-21 14:56 - 2019-10-21 14:56 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-10-21 14:56 - 2019-10-21 14:56 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2019-10-21 14:56 - 2019-10-21 14:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2019-10-21 14:56 - 2019-10-21 14:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-10-21 14:56 - 2019-10-21 14:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=AR190201&iDate=2020-10-08 03:26:00&bName=
SearchScopes: HKU\S-1-5-21-2928999788-1073042996-272343193-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\sharepoint.com -> hxxps://kujmk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2022-06-08 08:01 - 000000878 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 view-localhost # view localhost server
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_0508.JPG
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_D982C07C112FE48696510282A5786B0F"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\StartupApproved\Run: => "Viber"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{6AA80391-F43C-4093-8216-70DA63D0E75A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1DDD0D54-D7F1-42D6-AF5F-9D645BEC99E8}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{653A5E04-DED3-494D-84E9-5D355D1414CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe (Warner Bros. Interactive Entertainment) [File not signed]
FirewallRules: [{52B5C3FA-C355-4E37-ADE8-81E1AAE95767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe (Warner Bros. Interactive Entertainment) [File not signed]
FirewallRules: [{745978E8-507F-472F-B6AE-A1EF32F94F9D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FB3D01B2-ABF8-4E62-BD77-9C7ABC5A64E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B64E1062-DF21-4258-B86D-3B4B321BB7B3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{41101A6F-7B67-4015-A02E-BE11A760C5FD}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{46D34E69-3615-4ACA-8033-9C483FF6E679}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{D8F85D98-0E43-44E7-A2A8-3F82A8A73D8B}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{408E13DC-7BBE-446A-B5D7-F43ABB1A8C74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter Years 5-7\harry2.exe (Warner Bros. Interactive Entertainment) [File not signed]
FirewallRules: [{3A3F9F3D-808B-4036-BF86-EDB6B5DE1C09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter Years 5-7\harry2.exe (Warner Bros. Interactive Entertainment) [File not signed]
FirewallRules: [{74A35B54-E203-4AB0-9F79-2B9AD57DC2AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5497B32E-B57A-41F2-AB14-420A6DBD04AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A6C7C33E-6FFF-4F8F-BE04-D1E18DA40925}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F97C5278-BC17-4411-990F-5E6A05A6064A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1483EDF0-873B-4CE4-BA03-FE4B82DF5058}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{827D3CD4-037B-4B55-85DA-CC2CEBD3E42A}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{F75B8D46-DECA-4942-9EF3-5AA6307C5BDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{DD80872F-289E-42CC-A2B6-BE90E7A6902F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{4B6A768D-8766-471D-9EDC-85EA86B501D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4EE6E1E-5741-4D36-B082-B6BD4E376F14}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4035C19F-C294-4CB8-AB2C-A573E7187F4B}] => (Allow) C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe => No File
FirewallRules: [{E21D5A75-B327-4255-B263-436EC1F295CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61473DA7-61B3-4886-BC56-28D4E21B895F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F253506-7377-4E32-9E45-92E000610739}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB02D457-72D1-4954-9C5D-50725058A58A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9F5AC99-A1F4-4FBF-BEEF-E526417C9199}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{120F7B70-2CE9-4D2D-BFFF-40477AB27175}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A92D2B44-E09C-4994-870E-C8FC792E5B6D}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3956C219-D652-4B89-B35F-C1B4ADAF7D01}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{37B2DCD5-2986-43D0-B70D-AFC87BC4971C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EBCB590B-4C88-4D6C-AA71-295ED850CCFB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A2DD77FC-ED6F-482B-9443-AEF87CD876B1}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3EC9D16F-6F01-4BED-AE29-24273C8247DA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{83768D68-C770-4E55-9257-E2037852D03B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{768F0C39-7520-40AD-B37C-4C748A1A2837}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BCC72119-8CEE-4C77-90B7-38416FD33A04}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{911A4FBC-F433-48C9-980A-88D99AB447BA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{881D3456-B1B9-4641-B3F9-ACAF85240059}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C120F9BF-C72E-436D-9268-5735CE3ECD3E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46235968-85E4-411F-83DD-70710F18AE0B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{249E6275-8EBD-4D8D-8D6B-1F56194F7AE2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{03E77FCB-F124-41FF-B11D-6947FE162C91}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1F67601-85A7-4188-8150-26018E6D029F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A2D6F8B0-5851-4C5B-BBA1-E5820B2EAD82}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{52CE5524-A452-432F-B604-451E2E9835B0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6E0D10B6-DCD4-4097-AF25-550A6EC7B311}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F37E6032-C977-4686-A931-EF30036951C9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E363210F-F414-4124-B0A0-25C80279BEAD}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F21BDE77-6CF4-47C0-9042-50AE0CA37FA6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{780003D4-9504-4CC2-ACF7-19E075DD02A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B99B49C3-0DF5-4081-89CF-35D4DBA3B47A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21E35A79-9243-4B6E-BE4A-03A53243F211}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B070D077-E5B9-4622-9E4E-88B0D249FDE4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CBA333DF-5B41-4EE4-ACDB-6D2899DDA411}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93EE8106-933D-41F4-AC72-B041B1FBD1FA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2CE4EAD3-56E5-40DA-8BBD-FAB373C7E770}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A0A77D3-C05B-4A6C-AD22-485F8740980B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CABD3A8B-40E7-41F6-88B8-D2C0EC973E1D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{86CB8C8F-C608-43B1-A2AC-9E5DA4407429}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{52DEAECD-C3A3-472C-A45E-1B1B2D6FB7BD}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{2D6DB129-DDB1-40D2-83FF-3A13E5883C08}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{CB4E66F3-7244-42AE-A4A4-197BECDD56C4}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{8B5ADB1B-5800-4393-9D02-AA0197C9BCC5}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{76661680-65E6-4AC0-9B4C-85C6FAA00B47}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{8F4E541B-3778-40FB-B4DA-FB2DA6282CFE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7E8C4446-B466-4B84-87D4-31774F6C4FEE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F82C0864-6F12-432B-B023-622F4FE74864}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AFFEE2BD-AF77-48B9-B398-BC693E286F63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ED474276-786E-4C31-9C2F-9265B95DFAB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59E1A5F3-DCED-461F-8398-8CC5442C63DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F27976F-5BEC-4EB5-953C-F1D4BF9A6B35}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF8FFEF7-7D75-481D-9E94-2B8A052DC793}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{75884867-C977-4092-AD33-5DB33CE074BA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.71\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
14-07-2022 21:35:29 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/30/2022 03:54:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.822.6271.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 365c
Čas spuštění: 01d8a41b96cc07c2
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
ID hlášení: adcff489-6b03-4df0-aaf8-bec21559a488
Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (07/22/2022 09:58:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 22.6.7355.0, časové razítko: 0x62b5cbff
Název chybujícího modulu: AvastUI.exe, verze: 22.6.7355.0, časové razítko: 0x62b5cbff
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000824e10
ID chybujícího procesu: 0x38d8
Čas spuštění chybující aplikace: 0x01d89dd60b86f745
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastUI.exe
ID zprávy: 52ba3960-491e-45cd-a3e5-2d33ffd71e9e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/20/2022 06:52:12 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-D488AUL)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.
Error: (07/17/2022 06:11:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (07/17/2022 06:11:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (07/17/2022 06:11:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (07/17/2022 06:11:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (07/15/2022 07:44:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (6016,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00040.log došlo k chybě -1811 (0xfffff8ed).
System errors:
=============
Error: (07/22/2022 05:40:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D488AUL)
Description: Server Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/21/2022 11:09:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D488AUL)
Description: Server Microsoft.MicrosoftOfficeHub_18.2205.1091.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/21/2022 08:35:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D488AUL)
Description: Server Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/20/2022 10:52:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D488AUL)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/20/2022 08:23:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).
Error: (07/20/2022 05:48:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D488AUL)
Description: Server Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/20/2022 06:52:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D488AUL)
Description: Server {BE19F061-C08B-426E-811F-2A1CEB1E80AD} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/17/2022 08:35:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================Event[0]:
Date: 2021-10-16 18:11:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.351.534.0
Předchozí verze bezpečnostních informací: 1.347.88.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18600.4
Předchozí verze modulu: 1.1.18400.5
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2021-10-16 18:11:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.351.534.0
Předchozí verze bezpečnostních informací: 1.347.88.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18600.4
Předchozí verze modulu: 1.1.18400.5
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2021-10-16 18:11:07
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18600.4
Předchozí verze modulu: 1.1.18400.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2021-08-07 21:13:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.2244.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2021-07-22 20:51:10
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.341.1413.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===============
Date: 2022-07-30 17:03:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2022-07-30 16:54:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2022-07-30 16:52:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A25 05/10/2017
Motherboard: Dell Inc. 0KRC95
Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8146.45 MB
Available physical RAM: 4056.73 MB
Total Virtual: 10429.71 MB
Available Virtual: 5929.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.19 GB) (Free:186.64 GB) (Model: WDC WD5000AAKX-08U6AA0) NTFS
\\?\Volume{7ff8b773-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7FF8B773)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\MountPoints2: {4a3933a3-4928-11eb-a37c-1803733a5c0d} - "D:\HTC_Sync_Manager_PC.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C} - System32\Tasks\CCleanerSkipUAC - dell => C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (No File)
Task: {8027766F-887D-4CA4-95CF-D8D3A9D6C939} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {AF4D108A-A7FC-42FC-92D6-80A5E02DBF08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=AR190201&iDate=2020-10-08 03:26:00&bName=
SearchScopes: HKU\S-1-5-21-2928999788-1073042996-272343193-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{4035C19F-C294-4CB8-AB2C-A573E7187F4B}] => (Allow) C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe => No File
EmpryTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivku
Požadovaný log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-07-2022
Ran by dell (31-07-2022 20:58:16) Run:1
Running from C:\Users\dell\Desktop
Loaded Profiles: dell
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\MountPoints2: {4a3933a3-4928-11eb-a37c-1803733a5c0d} - "D:\HTC_Sync_Manager_PC.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C} - System32\Tasks\CCleanerSkipUAC - dell => C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (No File)
Task: {8027766F-887D-4CA4-95CF-D8D3A9D6C939} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {AF4D108A-A7FC-42FC-92D6-80A5E02DBF08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=AR190201&iDate=2020-10-08 03:26:00&bName=
SearchScopes: HKU\S-1-5-21-2928999788-1073042996-272343193-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{4035C19F-C294-4CB8-AB2C-A573E7187F4B}] => (Allow) C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe => No File
EmpryTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a3933a3-4928-11eb-a37c-1803733a5c0d} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - dell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC - dell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8027766F-887D-4CA4-95CF-D8D3A9D6C939}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8027766F-887D-4CA4-95CF-D8D3A9D6C939}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF4D108A-A7FC-42FC-92D6-80A5E02DBF08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF4D108A-A7FC-42FC-92D6-80A5E02DBF08}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] => Error: No automatic fix found for this entry.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-2928999788-1073042996-272343193-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4035C19F-C294-4CB8-AB2C-A573E7187F4B}" => removed successfully
EmpryTemp: => Error: No automatic fix found for this entry.
The system needed a reboot.
==== End of Fixlog 20:58:18 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-07-2022
Ran by dell (31-07-2022 20:58:16) Run:1
Running from C:\Users\dell\Desktop
Loaded Profiles: dell
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\...\MountPoints2: {4a3933a3-4928-11eb-a37c-1803733a5c0d} - "D:\HTC_Sync_Manager_PC.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C} - System32\Tasks\CCleanerSkipUAC - dell => C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (No File)
Task: {8027766F-887D-4CA4-95CF-D8D3A9D6C939} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {AF4D108A-A7FC-42FC-92D6-80A5E02DBF08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=AR190201&iDate=2020-10-08 03:26:00&bName=
SearchScopes: HKU\S-1-5-21-2928999788-1073042996-272343193-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{4035C19F-C294-4CB8-AB2C-A573E7187F4B}] => (Allow) C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe => No File
EmpryTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a3933a3-4928-11eb-a37c-1803733a5c0d} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46EA4BFC-EAB6-4EE5-BFEF-084E92E6B80C}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - dell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC - dell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8027766F-887D-4CA4-95CF-D8D3A9D6C939}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8027766F-887D-4CA4-95CF-D8D3A9D6C939}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66B5FF9-9728-42DA-A3AA-CFCAFAE3B95A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF4D108A-A7FC-42FC-92D6-80A5E02DBF08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF4D108A-A7FC-42FC-92D6-80A5E02DBF08}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] => Error: No automatic fix found for this entry.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKU\S-1-5-21-2928999788-1073042996-272343193-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-2928999788-1073042996-272343193-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4035C19F-C294-4CB8-AB2C-A573E7187F4B}" => removed successfully
EmpryTemp: => Error: No automatic fix found for this entry.
The system needed a reboot.
==== End of Fixlog 20:58:18 ====
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Bylo smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivku
OK, díky moc, snad bude PC umravněné.
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Snad ano, byly tam jen zbytečnosti. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?