Probably infected PC

Leoš Jelínek
Visitor
Posts: 92
Registered: 04 Nov 2006 09:44
Location: Horažďovice

Probably infected PC

#1 Post by Leoš Jelínek »

Hello, please check my log. The PC is behaving abnormally and unwanted windows keep popping up. Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2023-04-22 22:57:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 146 GB (68%) free of 214 GB
Total RAM: 5883 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:19, on 22.4.2023
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 5r4712s39r
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\1.3.36.202\GoogleUpdateCore.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8546 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {C397FD76-347D-44A6-8105-8D5C367A1C7B}
taskeng.exe {287C30B7-8E97-4D2D-8C79-A9C1FB10D7F1}
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.0.585670107\479731438" -parentBuildID 20230414125621 -prefsHandle 1112 -prefMapHandle 1104 -prefsLen 28535 -prefMapSize 241396 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {6aed6df6-6007-438d-af4c-6746d5c0391f} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 1176 e5716b0 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.1.1245160853\1865787243" -parentBuildID 20230414125621 -prefsHandle 1424 -prefMapHandle 1420 -prefsLen 28580 -prefMapSize 241396 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {e9b9f8c9-50d1-454d-a3b3-b3ec47d2603d} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 1432 104db450 socket
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.3.370155241\1994439680" -childID 2 -isForBrowser -prefsHandle 2624 -prefMapHandle 2380 -prefsLen 29182 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {39b9894f-91a2-49d5-822c-72f21c9cc822} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 1812 179dde00 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.6.1423951152\1973316726" -childID 5 -isForBrowser -prefsHandle 3136 -prefMapHandle 2340 -prefsLen 30379 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {2df0130d-92e9-474f-9a65-4de942f1b1e8} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 3148 1ad54b20 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.10.310097981\1767402065" -childID 9 -isForBrowser -prefsHandle 8072 -prefMapHandle 8068 -prefsLen 31418 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {1e9d8e19-473c-4a1c-8cf4-322b613c8aba} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 8080 207b0c90 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.12.1909141525\2056931526" -parentBuildID 20230414125621 -prefsHandle 7816 -prefMapHandle 7812 -prefsLen 37326 -prefMapSize 241396 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {db68e32c-03ec-4bce-8ac0-d3c200799a7d} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 7836 1abb5f20 rdd
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.13.1507336933\1634103009" -parentBuildID 20230414125621 -sandboxingKind 1 -prefsHandle 7840 -prefMapHandle 7824 -prefsLen 37326 -prefMapSize 241396 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {af8eacd9-8462-4128-9bab-b892ab5be124} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 7972 104dba90 utility
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.14.297478815\657686612" -childID 11 -isForBrowser -prefsHandle 3732 -prefMapHandle 3712 -prefsLen 32366 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {7b9f9985-c88c-42aa-96f7-8582d1fccd19} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 3944 1f3bfc90 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.15.19134254\893218608" -childID 12 -isForBrowser -prefsHandle 8224 -prefMapHandle 2356 -prefsLen 32366 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {b6484dfc-7a4b-4c55-96b5-bc0faf93995c} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 1916 145583f0 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.16.870144806\352356" -childID 13 -isForBrowser -prefsHandle 4368 -prefMapHandle 3868 -prefsLen 32366 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {fbe17d0a-1a67-4a2e-9824-4469a66cd373} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 4356 10740110 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1488.17.1294512068\1164165300" -childID 14 -isForBrowser -prefsHandle 7924 -prefMapHandle 7932 -prefsLen 32366 -prefMapSize 241396 -jsInitHandle 932 -jsInitLen 240056 -a11yResourceId 32 -parentBuildID 20230414125621 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - {0bad6cdb-7564-460b-a0df-38dd3ab8716a} 1488 "\\.\pipe\gecko-crash-server-pipe.1488" 4392 14558b20 tab
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\user\Desktop\RSITx64(1).exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll


C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\user\AppData\Local\Google\Update\1.3.36.202\GoogleUpdateCore.exe [2023-04-17 223000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2023-04-22 22:54:16 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-22 22:49:19 ----D---- C:\rsit
2023-04-22 22:49:19 ----D---- C:\Program Files\trend micro
2023-04-22 22:42:33 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2023-04-22 22:54:19 ----D---- C:\ProgramData\Mozilla
2023-04-22 22:54:16 ----HD---- C:\ProgramData
2023-04-22 22:54:14 ----D---- C:\Windows\Temp
2023-04-22 22:54:14 ----D---- C:\Windows\system32\Tasks
2023-04-22 22:54:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-22 22:54:14 ----A---- C:\Windows\wininit.ini
2023-04-22 22:54:07 ----D---- C:\Program Files (x86)
2023-04-22 22:49:19 ----D---- C:\Program Files
2023-04-22 22:43:27 ----SHD---- C:\System Volume Information
2023-04-22 22:40:43 ----D---- C:\Windows\System32
2023-04-22 22:40:43 ----D---- C:\Windows\inf
2023-04-22 22:40:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2023-04-22 22:37:32 ----D---- C:\Windows\system32\config
2023-04-14 17:18:59 ----D---- C:\Windows\system32\MRT
2023-04-14 17:18:51 ----AC---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-04-01 104976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-14 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2021-02-21 60640]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-06-11 868896]
R2 GREGService;GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-01-08 23584]
R2 Updater Service;Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-03 224152]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-03 224152]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-15 655624]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [2020-06-12 1507216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-04-22 224160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-05 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------
***

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably infected PC

#2 Post by Rudy »

Hello! Please post the FRST + Addition logs. HJT is not fully compatible with current systems. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Leoš Jelínek
Visitor
Posts: 92
Registered: 04 Nov 2006 09:44
Location: Horažďovice

Re: Probably infected PC

#3 Post by Leoš Jelínek »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2023 01
Ran by user (administrator) on USER-NTB (eMachines eME642) (23-04-2023 14:48:07)
Running from C:\Users\user\Desktop\FRST64.exe
Loaded Profiles: user
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Acer Incorporated -> Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(taskeng.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-3233437075-1562573552-895271707-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\1.3.36.202\GoogleUpdateCore.exe [223000 2023-04-17] (Google LLC -> Google LLC)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-23] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {036675AA-EB9E-4C6B-BB25-D51B5A73F83A} - System32\Tasks\{EE3385A5-024C-4FC4-9AB9-8605A0232D0E} => c:\users\user\appdata\local\google\chrome\application\chrome.exe [3151128 2023-01-24] (Google LLC -> Google LLC)
Task: {1C7359DA-29FB-4CD2-99F9-5B76FC57C316} - System32\Tasks\{712A9868-A30C-4231-A228-5B769EA2335F} => c:\users\user\appdata\local\google\chrome\application\chrome.exe [3151128 2023-01-24] (Google LLC -> Google LLC)
Task: {343733A4-AA2D-4EDE-A92D-7F74D6B46259} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [668064 2023-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {5D6CC70A-C6D9-459E-BB63-11A2C4F1E58F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {7C9EA194-D48E-470A-B03E-0978BB48D5B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3233437075-1562573552-895271707-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {823B23DD-084E-4FAB-879D-AAD84628F54B} - System32\Tasks\{75C303ED-E6D6-4083-9827-0D79BCEF4BE5} => c:\users\user\appdata\local\google\chrome\application\chrome.exe [3151128 2023-01-24] (Google LLC -> Google LLC)
Task: {B474AA56-42A0-4682-AF19-0677D249E9D5} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [603040 2023-04-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D4BA8A9E-152E-4A40-9A3B-491192320363} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3233437075-1562573552-895271707-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CE5CE4DD-474C-4FC6-A72C-C9DDB2D9B875}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-23]

FireFox:
========
FF DefaultProfile: ibt1axws.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default [2023-04-23]
FF DownloadDir: C:\Users\user\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ibt1axws.default -> www.seznam.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default\Extensions\sp@avast.com.xpi [2023-04-22]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default\searchplugins\bingp.xml [2015-02-01]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2023-04-23]
CHR DownloadDir: C:\Users\user\Desktop
CHR Notifications: Default -> hxxps://greatcaptchanow.top; hxxps://meet.google.com; hxxps://www.zapakatel.cz
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Extension: (Vyhledávání Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2022-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-3233437075-1562573552-895271707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
StartMenuInternet: Google Chrome.S42TYNDRBBZ2OSUJKEJKPRPPRA - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated -> Acer Incorporated)
S3 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent Inc -> WildTangent, Inc.)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Incorporated -> Acer Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6406144 2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-23 14:48 - 2023-04-23 14:49 - 000010671 _____ C:\Users\user\Desktop\FRST.txt
2023-04-23 14:46 - 2023-04-23 14:49 - 000000000 ____D C:\FRST
2023-04-23 14:45 - 2023-04-23 14:45 - 002381824 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2023-04-23 13:50 - 2023-04-23 13:51 - 000000000 ____D C:\Program Files\WinRAR
2023-04-23 13:50 - 2023-04-23 13:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-04-23 13:50 - 2023-04-23 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-04-23 13:42 - 2023-04-23 13:42 - 000000000 ____D C:\Users\user\AppData\Roaming\com.adobe.dunamis
2023-04-23 13:42 - 2023-04-23 13:42 - 000000000 ____D C:\Users\user\.ms-ad
2023-04-23 13:41 - 2023-04-23 13:44 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-04-23 13:40 - 2023-04-23 13:45 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-04-23 13:40 - 2023-04-23 13:45 - 000002016 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-04-23 13:37 - 2023-04-23 13:38 - 259399120 _____ (Adobe Systems Incorporated) C:\Users\user\Desktop\AcroRdrDC2300120064_cs_CZ.exe
2023-04-23 12:27 - 2023-04-23 12:27 - 000000000 ____D C:\Users\user\AppData\Local\ESET
2023-04-23 12:21 - 2023-04-23 12:21 - 000002221 _____ C:\Users\user\Desktop\Microsoft Edge.lnk
2023-04-22 22:56 - 2023-04-22 22:56 - 001222144 _____ C:\Users\user\Desktop\RSITx64(1).exe
2023-04-22 22:54 - 2023-04-23 14:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-22 22:54 - 2023-04-22 22:54 - 000002184 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-04-22 22:54 - 2023-04-22 22:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-04-22 22:49 - 2023-04-22 22:57 - 000000000 ____D C:\Program Files\trend micro
2023-04-22 22:49 - 2023-04-22 22:49 - 000000000 ____D C:\rsit
2023-04-22 22:48 - 2023-04-22 22:48 - 001222144 _____ C:\Users\user\Desktop\RSITx64.exe
2023-04-22 22:42 - 2023-04-22 22:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-23 14:40 - 2013-04-04 23:30 - 000681726 _____ C:\Windows\system32\perfh005.dat
2023-04-23 14:40 - 2013-04-04 23:30 - 000146140 _____ C:\Windows\system32\perfc005.dat
2023-04-23 14:40 - 2009-07-14 07:13 - 001611012 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-23 14:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-04-23 13:42 - 2013-04-04 16:39 - 000000000 ____D C:\Users\user\AppData\LocalLow\Adobe
2023-04-23 13:42 - 2013-04-04 15:37 - 000000000 ____D C:\Users\user\AppData\Local\Adobe
2023-04-23 13:41 - 2010-07-15 03:34 - 000000000 ____D C:\ProgramData\Adobe
2023-04-23 13:41 - 2010-07-15 03:33 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-04-23 12:17 - 2015-06-27 11:21 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2023-04-23 08:58 - 2009-07-14 06:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-04-23 08:58 - 2009-07-14 06:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-04-22 22:54 - 2018-12-03 12:56 - 000000464 _____ C:\Windows\wininit.ini
2023-04-22 22:54 - 2013-04-04 15:31 - 000000000 ____D C:\ProgramData\Mozilla
2023-04-22 22:54 - 2013-04-04 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-22 22:53 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-22 22:42 - 2020-11-25 10:21 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2023-04-17 12:22 - 2014-11-16 17:34 - 000003584 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3233437075-1562573552-895271707-1000Core
2023-04-17 12:22 - 2013-04-06 14:41 - 000003856 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3233437075-1562573552-895271707-1000UA
2023-04-14 17:18 - 2013-08-23 20:33 - 000000000 ____D C:\Windows\system32\MRT
2023-04-14 17:18 - 2013-05-27 11:30 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2014-06-25 15:16 - 2014-06-25 15:16 - 006010880 _____ () C:\Program Files (x86)\GUT7B48.tmp
2015-03-29 18:07 - 2015-03-29 18:07 - 000007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2019-05-29 15:51 - 2019-05-29 15:51 - 000000000 _____ () C:\Users\user\AppData\Local\{FBBD2D8F-24BD-4752-81CF-E494C6B3E9BE}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-04-22 23:35
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2023 01
Ran by user (23-04-2023 14:50:05)
Running from C:\Users\user\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2013-04-04 12:16:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3233437075-1562573552-895271707-500 - Administrator - Disabled)
Guest (S-1-5-21-3233437075-1562573552-895271707-501 - Limited - Disabled)
user (S-1-5-21-3233437075-1562573552-895271707-1000 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\{A2BCA9F1-566C-4805-97D1-7FDC93386723}) (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Install Manager (HKLM\...\{DE74B890-4025-A7BE-8EBC-F374528DCFFD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.249.2 - Broadcom Corporation)
Catalyst Control Center - Branding (HKLM-x32\...\{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}) (Version: 1.00.0000 - ATI) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0806.2010 - Acer Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Google Chrome (HKU\S-1-5-21-3233437075-1562573552-895271707-1000\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - eMachines)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Choice Guard (HKLM-x32\...\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}) (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 cs) (HKLM-x32\...\Mozilla Firefox 112.0.1 (x86 cs)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 112.0.1.8504 - Mozilla)
MSVCRT (HKLM-x32\...\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}) (Version: 14.0.1468.721 - Microsoft) Hidden
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Video Web Camera (HKLM-x32\...\{62D1C755-74C9-4BA0-841B-B7D795DEA9C7}) (Version: 1.0.4.2 - Liteon)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Communications Platform (HKLM-x32\...\{3B4E636E-9D65-4D67-BA61-189800823F52}) (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Fotogalerie (HKLM-x32\...\{1D097338-B4FA-4F29-9C43-8D7A970A007E}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}) (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{71E40B32-5173-4538-8996-5822DD18E8D4}) (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (HKLM-x32\...\{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}) (Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (HKLM-x32\...\{479A749B-1684-4881-8266-BF8DD22251E7}) (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\user\AppData\Local\Google\Chrome\Application\109.0.5414.120\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-04-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3233437075-1562573552-895271707-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3233437075-1562573552-895271707-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3233437075-1562573552-895271707-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3233437075-1562573552-895271707-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme642&r=273604132745l04f4z1i5r4712s39r
SearchScopes: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Software Sarl -> Skype Technologies)

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7866 more sites.


There are 7866 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-08-08 12:26 - 000450637 ____R C:\Windows\system32\drivers\etc\hosts

There are 15461 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3233437075-1562573552-895271707-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{90D89A19-DD71-4F94-A924-70E8E6A18CB0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8299F73-06B2-48CD-A148-FF72DE9E8F92}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{82CF5BB0-4B14-43B7-A6E7-83B0D88CF85F}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1B54EA6-62DA-4E94-9FFB-FAF06313A3BC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{987CF1EC-B777-4679-AE85-283A0A2E02C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{609A7015-25B0-4472-8728-84A2E49D54F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{401FD28A-16CF-4E34-88FB-ED8EA93EB2CE}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A64CDA7D-C1AF-45C7-A4F0-970289D9CEAE}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C21C6E6D-F20B-4E41-967C-672BD372FF45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D1AE15B-3079-4282-BC28-5E6BD250B673}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BED7D0B3-1F4B-422F-8F5E-D6C03F0DF126}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{9EB5228B-58CD-45A7-BEB0-EAAC7E3093F3}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-12-2022 12:04:44 Windows Update
30-12-2022 17:10:40 Windows Update
03-01-2023 11:23:32 Windows Update
11-01-2023 12:28:06 Windows Update
11-01-2023 12:56:58 Windows Update
17-01-2023 11:40:38 Windows Update
21-01-2023 11:37:45 Windows Update
01-02-2023 11:28:04 Windows Update
06-02-2023 13:34:32 Windows Update
09-02-2023 16:27:45 Windows Update
13-02-2023 10:52:31 Windows Update
16-02-2023 17:38:22 Windows Update
16-02-2023 17:58:21 Windows Update
21-02-2023 12:42:38 Windows Update
27-02-2023 10:59:32 Windows Update
07-03-2023 20:05:36 Windows Update
12-03-2023 16:38:50 Windows Update
15-03-2023 11:49:28 Windows Update
21-03-2023 10:52:42 Windows Update
26-03-2023 18:21:45 Windows Update
09-04-2023 12:22:35 Windows Update
14-04-2023 17:18:13 Windows Update
17-04-2023 12:28:20 Windows Update
22-04-2023 22:41:29 Windows Update
23-04-2023 13:39:54 Installed Adobe Acrobat Reader DC - Czech.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2023 05:17:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x81000101).

Error: (02/05/2023 03:57:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xdb8
Čas spuštění chybující aplikace: 0x01d93969b7416227
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: ffb41b51-a55c-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xfa8
Čas spuštění chybující aplikace: 0x01d939699f33e556
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: e71c2d6f-a55c-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:54:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0x10c4
Čas spuštění chybující aplikace: 0x01d939694e9e9680
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: 96db1d60-a55c-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0x994
Čas spuštění chybující aplikace: 0x01d939689999de77
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: e0aa972a-a55b-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:47:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0x8dc
Čas spuštění chybující aplikace: 0x01d939685ef3c8d5
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: a6106869-a55b-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:44:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xddc
Čas spuštění chybující aplikace: 0x01d93967ebef906e
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: 39d7a77b-a55b-11ed-8843-88ae1d7cd8a8

Error: (05/19/2022 01:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xe6c
Čas spuštění chybující aplikace: 0x01d86b6ff3bab4c0
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: 3b427241-d763-11ec-945f-88ae1d7cd8a8


System errors:
=============
Error: (04/23/2023 02:54:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/23/2023 01:42:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (04/23/2023 01:42:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/23/2023 12:34:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (04/23/2023 12:34:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/23/2023 12:34:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (04/23/2023 12:34:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/23/2023 12:34:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
================Event[0]:

Date: 2021-06-29 10:43:06.316
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1224.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 10:43:06.314
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-15 16:10:11.242
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.341.629.0
Předchozí verze podpisu:1.339.1767.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-15 16:10:11.242
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-08 09:06:55.664
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.339.21.0
Předchozí verze podpisu:1.337.491.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18100.6
Předchozí verze modulu:1.1.18100.5
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: eMachines V2.00 08/23/2010
Motherboard: eMachines HM53_DN
Processor: AMD Athlon(tm) II P340 Dual-Core Processor
Percentage of memory in use: 54%
Total physical RAM: 5882.9 MB
Available physical RAM: 2658.98 MB
Total Virtual: 11763.94 MB
Available Virtual: 8225.97 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:209.47 GB) (Free:139.26 GB) (Model: Patriot Burst ATA Device) NTFS

\\?\Volume{c3d55514-9d1b-11e2-b77e-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{c3d55513-9d1b-11e2-b77e-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:14 GB) (Free:2.21 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: AE9D615B)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=209.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
***

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Probably virus-infected PC

#4 Post by altrok »

Hi,

you probably have something in Chrome that doesn't belong there - scan the PC with AdwCleaner and MBAM - post the logs here
https://www.malwarebytes.com/adwcleaner
https://www.malwarebytes.com/mwb-download

then post new logs from FRST (both). Have you thought about upgrading to a supported Win10?
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Leoš Jelínek
Visitor
Posts: 92
Registered: 04 Nov 2006 09:44
Location: Horažďovice

Re: Probably virus-infected PC

#5 Post by Leoš Jelínek »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-26-2023
# Duration: 00:00:40
# OS: Windows 7 Service Pack 1
# Scanned: 32104
# Detected: 26


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.LoadMoney C:\ProgramData\Partner
PUP.Optional.Seznam.cz C:\Users\user\AppData\Local\Seznam.cz

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default\searchplugins\bingp.xml

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Identity Card
Preinstalled.AcereMachinesGameConsole File C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eMachines Games.lnk
Preinstalled.AcereMachinesGameConsole Folder C:\Program Files (x86)\EMACHINES GAMES
Preinstalled.AcereMachinesPowerManagement Folder C:\Program Files\EMACHINES\EMACHINES POWER MANAGEMENT
Preinstalled.AcereMachinesRegistration Folder C:\Program Files (x86)\EMACHINES\REGISTRATION
Preinstalled.AcereMachinesRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\eMachines Registration
Preinstalled.AcereMachinesScreenSaver Folder C:\Program Files (x86)\EMACHINES\SCREENSAVER
Preinstalled.AcereMachinesScreenSaver Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\eMachines Screensaver
Preinstalled.AcereMachinesUpdater Folder C:\Program Files\EMACHINES\EMACHINES UPDATER
Preinstalled.AcereMachinesUpdater Folder C:\ProgramData\EMACHINES\EMACHINES UPDATER
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964}
Preinstalled.VideoWebCamera Folder C:\Program Files (x86)\VIDEO WEB CAMERA
Preinstalled.VideoWebCamera Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIDEO WEB CAMERA



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########




Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 26.04.23
Čas skenování: 16:57
Logovací soubor: b893c5be-e442-11ed-91fc-88ae1d7cd8a8.json

-Informace o softwaru-
Verze: 4.5.27.262
Verze komponentů: 1.0.1991
Aktualizovat verzi balíku komponent: 1.0.68586
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: user-NTB\user

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 215904
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
Uplynulý čas: 6 min, 31 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 2
PUP.Optional.Softonic, C:\$RECYCLE.BIN\S-1-5-21-3233437075-1562573552-895271707-1000\$RXYZRCR.EXE, Žádná uživatelská akce, 6177, 1079703, 1.0.68586, , ame, , ABA72AE2BBCBA8E6F22DB62018F33AEB, 11184AFA5DDCC05A096DD98E607A0DAE826C99B24D7EDA139BD6909E9727D8F4
MachineLearning/Anomalous.100%, C:\USERS\USER\APPDATA\LOCAL\TEMP\BITADEA.TMP, Žádná uživatelská akce, 0, 392687, 1.0.68586, , shuriken, , B3BCD027C31180514311E4C0CB1F920D, FC398525AAAF57A38D651D5942EFBD435F56033623E1208E00F45FB9C10D1233

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
***

Leoš Jelínek
Visitor
Posts: 92
Registered: 04 Nov 2006 09:44
Location: Horažďovice

Re: Probably virus-infected PC

#6 Post by Leoš Jelínek »

FireFox:
========
FF DefaultProfile: ibt1axws.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default [2023-04-26]
FF DownloadDir: C:\Users\user\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ibt1axws.default -> www.seznam.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default\Extensions\sp@avast.com.xpi [2023-04-22]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ibt1axws.default\searchplugins\bingp.xml [2015-02-01]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2023-04-26]
CHR DownloadDir: C:\Users\user\Desktop
CHR Notifications: Default -> hxxps://greatcaptchanow.top; hxxps://meet.google.com; hxxps://www.zapakatel.cz
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Extension: (Vyhledávání Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2022-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-3233437075-1562573552-895271707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
StartMenuInternet: Google Chrome.S42TYNDRBBZ2OSUJKEJKPRPPRA - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated -> Acer Incorporated)
S3 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent Inc -> WildTangent, Inc.)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-26] (Malwarebytes Inc. -> Malwarebytes)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Incorporated -> Acer Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6406144 2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198584 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [149432 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-26 17:17 - 2023-04-26 17:18 - 000005714 _____ C:\Users\user\Desktop\FRST.txt
2023-04-26 17:07 - 2023-04-26 17:07 - 000000000 ____D C:\Users\user\Desktop\FRST-OlderVersion
2023-04-26 16:57 - 2023-04-26 16:57 - 000000000 ____D C:\Users\user\AppData\Local\mbam
2023-04-26 16:56 - 2023-04-26 16:57 - 000000000 ____D C:\Users\user\AppData\Local\Malwarebytes
2023-04-26 16:56 - 2023-04-26 16:56 - 000001929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-26 16:56 - 2023-04-26 16:56 - 000001917 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-04-26 16:55 - 2023-04-26 16:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-26 16:55 - 2023-04-26 16:55 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-26 16:50 - 2023-04-26 16:50 - 002649088 _____ (Malwarebytes) C:\Users\user\Desktop\MBSetup-8978C49F.exe
2023-04-26 16:46 - 2023-04-26 16:47 - 000000000 ____D C:\AdwCleaner
2023-04-26 16:46 - 2023-04-26 16:46 - 008791352 _____ (Malwarebytes) C:\Users\user\Desktop\adwcleaner.exe
2023-04-24 16:52 - 2023-04-24 16:52 - 042732352 _____ C:\Users\user\Downloads\vlc-media-player-3.0.18-installer.exe
2023-04-24 16:52 - 2023-04-24 16:52 - 000001035 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-04-24 16:52 - 2023-04-24 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-04-23 14:46 - 2023-04-26 17:17 - 000000000 ____D C:\FRST
2023-04-23 14:45 - 2023-04-26 17:07 - 002382336 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2023-04-23 13:50 - 2023-04-23 13:51 - 000000000 ____D C:\Program Files\WinRAR
2023-04-23 13:50 - 2023-04-23 13:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-04-23 13:50 - 2023-04-23 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-04-23 13:42 - 2023-04-23 13:42 - 000000000 ____D C:\Users\user\AppData\Roaming\com.adobe.dunamis
2023-04-23 13:42 - 2023-04-23 13:42 - 000000000 ____D C:\Users\user\.ms-ad
2023-04-23 13:41 - 2023-04-23 13:44 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-04-23 13:40 - 2023-04-23 13:45 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-04-23 13:40 - 2023-04-23 13:45 - 000002016 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-04-23 13:37 - 2023-04-23 13:38 - 259399120 _____ (Adobe Systems Incorporated) C:\Users\user\Desktop\AcroRdrDC2300120064_cs_CZ.exe
2023-04-23 12:27 - 2023-04-23 12:27 - 000000000 ____D C:\Users\user\AppData\Local\ESET
2023-04-23 12:21 - 2023-04-23 12:21 - 000002221 _____ C:\Users\user\Desktop\Microsoft Edge.lnk
2023-04-22 22:54 - 2023-04-26 16:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-22 22:54 - 2023-04-22 22:54 - 000002184 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-04-22 22:54 - 2023-04-22 22:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-04-22 22:49 - 2023-04-22 22:57 - 000000000 ____D C:\Program Files\trend micro
2023-04-22 22:49 - 2023-04-22 22:49 - 000000000 ____D C:\rsit
2023-04-22 22:42 - 2023-04-26 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-26 16:58 - 2009-07-14 06:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-04-26 16:58 - 2009-07-14 06:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-04-26 16:54 - 2013-04-04 15:37 - 000000000 ____D C:\Users\user\AppData\Local\Adobe
2023-04-26 16:47 - 2013-04-04 23:30 - 000681726 _____ C:\Windows\system32\perfh005.dat
2023-04-26 16:47 - 2013-04-04 23:30 - 000146140 _____ C:\Windows\system32\perfc005.dat
2023-04-26 16:47 - 2009-07-14 07:13 - 001611012 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-26 16:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-04-26 16:45 - 2014-11-16 17:34 - 000003584 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3233437075-1562573552-895271707-1000Core
2023-04-26 16:45 - 2013-04-06 14:41 - 000003856 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3233437075-1562573552-895271707-1000UA
2023-04-26 16:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-24 16:55 - 2013-11-12 14:29 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Proof
2023-04-24 16:55 - 2013-04-17 17:25 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Šablony
2023-04-24 16:54 - 2013-04-04 15:26 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2023-04-24 16:52 - 2013-04-04 15:24 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2023-04-23 20:08 - 2013-04-04 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-23 13:42 - 2013-04-04 16:39 - 000000000 ____D C:\Users\user\AppData\LocalLow\Adobe
2023-04-23 13:41 - 2010-07-15 03:34 - 000000000 ____D C:\ProgramData\Adobe
2023-04-23 13:41 - 2010-07-15 03:33 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-04-23 12:17 - 2015-06-27 11:21 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2023-04-22 22:54 - 2018-12-03 12:56 - 000000464 _____ C:\Windows\wininit.ini
2023-04-22 22:54 - 2013-04-04 15:31 - 000000000 ____D C:\ProgramData\Mozilla
2023-04-22 22:42 - 2020-11-25 10:21 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2023-04-14 17:18 - 2013-08-23 20:33 - 000000000 ____D C:\Windows\system32\MRT
2023-04-14 17:18 - 2013-05-27 11:30 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2014-06-25 15:16 - 2014-06-25 15:16 - 006010880 _____ () C:\Program Files (x86)\GUT7B48.tmp
2015-03-29 18:07 - 2015-03-29 18:07 - 000007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2019-05-29 15:51 - 2019-05-29 15:51 - 000000000 _____ () C:\Users\user\AppData\Local\{FBBD2D8F-24BD-4752-81CF-E494C6B3E9BE}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-04-22 23:35
==================== End of FRST.txt ========================
***

Leoš Jelínek
Visitor
Posts: 92
Joined: 04 Nov 2006 09:44
Location: Horažďovice

Re: Probably virus-infected PC

#7 Post by Leoš Jelínek »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2023
Ran by user (26-04-2023 17:18:34)
Running from C:\Users\user\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2013-04-04 12:16:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3233437075-1562573552-895271707-500 - Administrator - Disabled)
Guest (S-1-5-21-3233437075-1562573552-895271707-501 - Limited - Disabled)
user (S-1-5-21-3233437075-1562573552-895271707-1000 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\{A2BCA9F1-566C-4805-97D1-7FDC93386723}) (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Install Manager (HKLM\...\{DE74B890-4025-A7BE-8EBC-F374528DCFFD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.249.2 - Broadcom Corporation)
Catalyst Control Center - Branding (HKLM-x32\...\{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}) (Version: 1.00.0000 - ATI) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0806.2010 - Acer Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Google Chrome (HKU\S-1-5-21-3233437075-1562573552-895271707-1000\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - eMachines)
Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Choice Guard (HKLM-x32\...\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}) (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 cs) (HKLM-x32\...\Mozilla Firefox 112.0.1 (x86 cs)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 112.0.1.8504 - Mozilla)
MSVCRT (HKLM-x32\...\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}) (Version: 14.0.1468.721 - Microsoft) Hidden
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Video Web Camera (HKLM-x32\...\{62D1C755-74C9-4BA0-841B-B7D795DEA9C7}) (Version: 1.0.4.2 - Liteon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Communications Platform (HKLM-x32\...\{3B4E636E-9D65-4D67-BA61-189800823F52}) (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Fotogalerie (HKLM-x32\...\{1D097338-B4FA-4F29-9C43-8D7A970A007E}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}) (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{71E40B32-5173-4538-8996-5822DD18E8D4}) (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (HKLM-x32\...\{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}) (Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (HKLM-x32\...\{479A749B-1684-4881-8266-BF8DD22251E7}) (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{5D44759C-CF3F-433D-9EA0-267E45577C77}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\user\AppData\Local\Google\Chrome\Application\109.0.5414.120\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-04-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3233437075-1562573552-895271707-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3233437075-1562573552-895271707-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3233437075-1562573552-895271707-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3233437075-1562573552-895271707-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme642&r=273604132745l04f4z1i5r4712s39r
SearchScopes: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Software Sarl -> Skype Technologies)

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7866 more sites.


There are 7866 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-08-08 12:26 - 000450637 ____R C:\Windows\system32\drivers\etc\hosts

There are 15461 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3233437075-1562573552-895271707-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{90D89A19-DD71-4F94-A924-70E8E6A18CB0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8299F73-06B2-48CD-A148-FF72DE9E8F92}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{82CF5BB0-4B14-43B7-A6E7-83B0D88CF85F}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1B54EA6-62DA-4E94-9FFB-FAF06313A3BC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{987CF1EC-B777-4679-AE85-283A0A2E02C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{609A7015-25B0-4472-8728-84A2E49D54F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{401FD28A-16CF-4E34-88FB-ED8EA93EB2CE}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A64CDA7D-C1AF-45C7-A4F0-970289D9CEAE}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C21C6E6D-F20B-4E41-967C-672BD372FF45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D1AE15B-3079-4282-BC28-5E6BD250B673}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BED7D0B3-1F4B-422F-8F5E-D6C03F0DF126}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{9EB5228B-58CD-45A7-BEB0-EAAC7E3093F3}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\user\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-12-2022 12:04:44 Windows Update
30-12-2022 17:10:40 Windows Update
03-01-2023 11:23:32 Windows Update
11-01-2023 12:28:06 Windows Update
11-01-2023 12:56:58 Windows Update
17-01-2023 11:40:38 Windows Update
21-01-2023 11:37:45 Windows Update
01-02-2023 11:28:04 Windows Update
06-02-2023 13:34:32 Windows Update
09-02-2023 16:27:45 Windows Update
13-02-2023 10:52:31 Windows Update
16-02-2023 17:38:22 Windows Update
16-02-2023 17:58:21 Windows Update
21-02-2023 12:42:38 Windows Update
27-02-2023 10:59:32 Windows Update
07-03-2023 20:05:36 Windows Update
12-03-2023 16:38:50 Windows Update
15-03-2023 11:49:28 Windows Update
21-03-2023 10:52:42 Windows Update
26-03-2023 18:21:45 Windows Update
09-04-2023 12:22:35 Windows Update
14-04-2023 17:18:13 Windows Update
17-04-2023 12:28:20 Windows Update
22-04-2023 22:41:29 Windows Update
23-04-2023 13:39:54 Installed Adobe Acrobat Reader DC - Czech.
26-04-2023 16:49:12 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2023 05:17:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x81000101).

Error: (02/05/2023 03:57:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xdb8
Čas spuštění chybující aplikace: 0x01d93969b7416227
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: ffb41b51-a55c-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xfa8
Čas spuštění chybující aplikace: 0x01d939699f33e556
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: e71c2d6f-a55c-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:54:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0x10c4
Čas spuštění chybující aplikace: 0x01d939694e9e9680
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: 96db1d60-a55c-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0x994
Čas spuštění chybující aplikace: 0x01d939689999de77
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: e0aa972a-a55b-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:47:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0x8dc
Čas spuštění chybující aplikace: 0x01d939685ef3c8d5
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: a6106869-a55b-11ed-8843-88ae1d7cd8a8

Error: (02/05/2023 03:44:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xddc
Čas spuštění chybující aplikace: 0x01d93967ebef906e
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: 39d7a77b-a55b-11ed-8843-88ae1d7cd8a8

Error: (05/19/2022 01:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 11.0.0.379, časové razítko: 0x505fd19e
Název chybujícího modulu: AcroRd32.dll, verze: 11.0.0.379, časové razítko: 0x505fd190
Kód výjimky: 0xc0000005
Posun chyby: 0x000d2b25
ID chybujícího procesu: 0xe6c
Čas spuštění chybující aplikace: 0x01d86b6ff3bab4c0
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
ID zprávy: 3b427241-d763-11ec-945f-88ae1d7cd8a8


System errors:
=============
Error: (04/26/2023 05:14:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/26/2023 04:57:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/26/2023 04:57:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/26/2023 04:57:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/26/2023 04:57:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/26/2023 04:57:13 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/26/2023 04:57:13 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/26/2023 04:57:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


Windows Defender:
================Event[0]:

Date: 2021-06-29 10:43:06.316
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1224.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 10:43:06.314
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-15 16:10:11.242
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.341.629.0
Předchozí verze podpisu:1.339.1767.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-15 16:10:11.242
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-08 09:06:55.664
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.339.21.0
Předchozí verze podpisu:1.337.491.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18100.6
Předchozí verze modulu:1.1.18100.5
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: eMachines V2.00 08/23/2010
Motherboard: eMachines HM53_DN
Processor: AMD Athlon(tm) II P340 Dual-Core Processor
Percentage of memory in use: 59%
Total physical RAM: 5882.9 MB
Available physical RAM: 2361.89 MB
Total Virtual: 11763.94 MB
Available Virtual: 7319 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:209.47 GB) (Free:136.35 GB) (Model: Patriot Burst ATA Device) NTFS

\\?\Volume{c3d55514-9d1b-11e2-b77e-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{c3d55513-9d1b-11e2-b77e-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:14 GB) (Free:2.21 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: AE9D615B)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=209.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
***

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Probably infected PC

#8 Post by altrok »

In which browser and when do the ads pop up? Only when the browser starts, or also randomly while browsing the internet? Or do the ads pop up even when the browser is closed?

After the restart, check whether the problems persist.


  • Run FRST.exe/FRST64.exe again
  • press Ctrl + y (both keys at once)
  • fixlist.txt opens; paste the contents of the white box below into it
  • press Ctrl + s (this saves the changes), then close the fixlist
  • click the Fix button
  • after the restart, a fixlog will be created next to FRST; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    Folder: C:\ProgramData\Partner
    File: C:\Windows\system32\ie4uinit.exe
    CHR HKU\S-1-5-21-3233437075-1562573552-895271707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    2014-06-25 15:16 - 2014-06-25 15:16 - 006010880 _____ () C:\Program Files (x86)\GUT7B48.tmp
    CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll => No File
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    C:\USERS\USER\APPDATA\LOCAL\TEMP\BITADEA.TMP
    HKU\S-1-5-21-3233437075-1562573552-895271707-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme642&r=273604132745l04f4z1i5r4712s39r
    CMD: dir "C:\Windows\Inf" /AD
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Leoš Jelínek
Visitor
Posts: 92
Registered: 04 Nov 2006 09:44
Location: Horažďovice

Re: Probably infected PC

#9 Post by Leoš Jelínek »

Hello, the ads were popping up after opening Chrome. I probably wouldn't bother with moving to Win 10. The user of the PC is going to be 80 years old, so as long as it works she will stay on Win 7. After the restart it has been quiet so far.

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-04-2023
Ran by user (26-04-2023 22:39:56) Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user
Boot Mode: Normal
==============================================

fixlist content:
*****************
̩Start
CreateRestorePoint:
CloseProcesses:
Folder: C:\ProgramData\Partner
File: C:\Windows\system32\ie4uinit.exe
CHR HKU\S-1-5-21-3233437075-1562573552-895271707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2014-06-25 15:16 - 2014-06-25 15:16 - 006010880 _____ () C:\Program Files (x86)\GUT7B48.tmp
CustomCLSID: HKU\S-1-5-21-3233437075-1562573552-895271707-1000_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3233437075-1562573552-895271707-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\USERS\USER\APPDATA\LOCAL\TEMP\BITADEA.TMP
HKU\S-1-5-21-3233437075-1562573552-895271707-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme642&r=273604132745l04f4z1i5r4712s39r
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Ends
*****************

Restore point was successfully created.
Processes closed successfully.

========================= Folder: C:\ProgramData\Partner ========================

2010-07-15 03:30 - 2013-07-09 17:27 - 000001035 ____A [FE5F49582727313E6DE14AFE5C6E88B4] () C:\ProgramData\Partner\debug.log

====== End of Folder: ======
***

Leoš Jelínek
Visitor
Posts: 92
Registered: 04 Nov 2006 09:44
Location: Horažďovice

Re: Probably infected PC

#10 Post by Leoš Jelínek »

Hello, the PC is working well so far, so hopefully everything is fine. Thank you for the help. Goodbye.
***

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Probably infected PC

#11 Post by altrok »

Good, thanks for the info, you're welcome, and I wish you all the best.