VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Objevil se zde vir Police ČR - pornografie

https://forum.viry.cz:443/viewtopic.php?t=159154

Stránka 1 z 1

Objevil se zde vir Police ČR - pornografie

Napsal: 16 kvě 2023 15:07
od dinospages
Dobrý den stará klasika se objevila prý na tomto PC, nyní po zapnutí nic neeviduji.

prosím o kontrolu logu z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Ran by tonar (administrator) on DESKTOP-5USLTSD (Dell Inc. OptiPlex 780) (16-05-2023 15:59:04)
Running from C:\Users\tonar\OneDrive\Plocha\FRST64.exe
Loaded Profiles: tonar
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21434.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21434.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21434.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.086.0423.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [220056 2023-05-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3396000467-1152395305-1387035803-1001\...\Run: [3cca1bb530f30c1edd994819dca34c2c] => "C:\Program Files\DVDFab\ExplorerFab\liveUpdate.exe" --run_mode=background_check (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\112.0.21002.138\Installer\chrmstp.exe [2023-05-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {077B462F-B771-4518-9C1B-CBED8F1F8AF4} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {09468A3F-6A65-47DF-9C1B-CF0D99CBBD96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {576712B2-8B24-40D8-9213-DD4FA0291557} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {A5F7D235-8558-4495-9E71-7B21DEEA1609} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3350856 2023-04-26] (Avast Software s.r.o. -> AVAST Software)
Task: {B8F193E9-F0E9-4E0C-93A3-1AB527487287} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4884888 2023-05-09] (Avast Software s.r.o. -> AVAST Software)
Task: {C47D7DDA-5533-4819-9671-854B69DEF00B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2135448 2023-04-14] (Avast Software s.r.o. -> Avast Software)
Task: {CB8BCF47-EC31-42D2-9553-D280BE9DD7BE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3350856 2023-04-26] (Avast Software s.r.o. -> AVAST Software)
Task: {D122E6E8-C5CE-420E-B80E-07DBD8492D38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Task: {D8EC02BA-6B32-4EB2-ADCF-F67118068B80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{074423be-0b03-4d6f-a77d-108b397e1c7d}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\tonar\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-10]

FireFox:
========
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-15] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-15] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tonar\AppData\Local\Google\Chrome\User Data\Default [2023-05-16]
CHR Notifications: Default -> hxxps://de.aliexpress.com; hxxps://it.aliexpress.com; hxxps://www.4camping.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\tonar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-21]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\tonar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mceplokdebjaneacdmhgacicphdkenab [2022-12-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tonar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\tonar\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8821656 2023-05-09] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [584600 2023-05-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [585112 2023-05-09] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-15] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\112.0.21002.138\elevation_service.exe [1805376 2023-04-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31360 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235880 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391800 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297824 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95904 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39592 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [270472 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556104 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105232 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80408 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [942936 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [703280 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212672 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319552 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 vdrive; \SystemRoot\System32\drivers\vdrive.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-16 16:00 - 2023-05-16 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2023-05-16 16:00 - 2023-05-16 16:00 - 000000000 ____D C:\ProgramData\AnyDesk
2023-05-16 16:00 - 2023-05-16 16:00 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-05-16 15:59 - 2023-05-16 16:00 - 000000000 ____D C:\Users\tonar\AppData\Roaming\AnyDesk
2023-05-16 15:59 - 2023-05-16 15:59 - 004038720 _____ (AnyDesk Software GmbH) C:\Users\tonar\Downloads\AnyDesk.exe
2023-05-16 15:59 - 2023-05-16 15:59 - 000394240 _____ (Google Inc.) C:\Users\tonar\Downloads\gcapi.dll
2023-05-16 15:58 - 2023-05-16 15:59 - 000000000 ____D C:\FRST
2023-05-12 15:07 - 2023-05-12 15:07 - 000504666 _____ C:\Users\tonar\Downloads\7312229039.pdf
2023-05-12 08:47 - 2023-05-12 08:47 - 000000000 ___HD C:\$WinREAgent
2023-05-09 21:59 - 2023-05-09 21:59 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-05-05 09:16 - 2023-05-05 09:16 - 000203725 _____ C:\Users\tonar\Downloads\Ceník pro Osobní bankovnictví.pdf
2023-05-05 09:10 - 2023-05-05 09:10 - 000060384 _____ C:\Users\tonar\Downloads\Informace k uctu.pdf
2023-04-30 09:45 - 2023-04-30 09:45 - 000000000 ____D C:\Users\tonar\AppData\LocalLow\Temp
2023-04-25 16:00 - 2023-05-12 09:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-16 16:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-16 15:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-16 15:47 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-16 15:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-16 15:46 - 2020-03-10 07:39 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-16 15:46 - 2020-03-10 07:37 - 000000000 ___RD C:\Users\tonar\OneDrive
2023-05-16 12:39 - 2021-12-11 12:20 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3396000467-1152395305-1387035803-1001
2023-05-16 12:39 - 2020-12-18 01:21 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-16 12:39 - 2020-12-18 01:21 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-16 12:39 - 2020-12-18 01:21 - 000003410 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-16 12:39 - 2020-12-18 01:21 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-16 12:39 - 2020-12-18 01:21 - 000003186 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-16 12:39 - 2020-12-18 01:21 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3396000467-1152395305-1387035803-1001
2023-05-16 12:39 - 2020-12-18 01:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-05-16 12:19 - 2020-03-10 07:44 - 000000000 ____D C:\Users\tonar\AppData\LocalLow\Mozilla
2023-05-16 12:13 - 2022-10-12 15:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-15 21:33 - 2020-03-10 07:49 - 000000000 ____D C:\Users\tonar\AppData\Roaming\NAPS2
2023-05-15 09:57 - 2020-03-10 08:13 - 000000000 ____D C:\Users\tonar\AppData\Roaming\Microsoft\Word
2023-05-15 09:11 - 2020-12-18 01:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-13 12:41 - 2022-10-12 18:34 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-05-13 07:44 - 2020-12-18 01:21 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-05-12 13:45 - 2020-12-18 01:21 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-12 13:45 - 2019-12-07 16:41 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-12 13:45 - 2019-12-07 16:41 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-12 13:38 - 2020-12-18 01:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-12 13:38 - 2020-12-18 01:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-12 13:38 - 2020-03-10 07:49 - 000000000 ____D C:\ProgramData\AVAST Software
2023-05-12 09:11 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-12 09:10 - 2020-12-18 01:13 - 000352448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-12 09:10 - 2020-03-10 07:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-12 09:10 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-12 09:10 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-12 09:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-12 09:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-12 09:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-12 09:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-12 09:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-12 09:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-12 09:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-12 08:57 - 2020-12-18 01:18 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-12 08:47 - 2020-09-30 11:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-12 08:05 - 2020-06-13 18:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-12 08:05 - 2020-03-11 00:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-12 08:02 - 2020-03-11 00:32 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-11 07:15 - 2020-03-10 07:40 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-10 22:49 - 2020-12-18 01:14 - 000002381 _____ C:\Users\tonar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-09 21:59 - 2020-10-14 16:53 - 000270472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-05-09 21:59 - 2020-04-15 11:20 - 000556104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000942936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000703280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000391800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000319552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000297824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000235880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000105232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000095904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000080408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000039592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-05-09 21:59 - 2020-03-10 07:50 - 000031360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-05-09 21:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-05-04 19:57 - 2022-12-15 12:37 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-04-26 15:12 - 2020-03-11 12:38 - 000000000 ____D C:\Users\tonar\AppData\Roaming\Microsoft\Excel
2023-04-25 17:59 - 2020-03-10 07:43 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-17 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by tonar (16-05-2023 16:01:57)
Running from C:\Users\tonar\OneDrive\Plocha
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2020-12-17 23:21:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3396000467-1152395305-1387035803-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3396000467-1152395305-1387035803-503 - Limited - Disabled)
Guest (S-1-5-21-3396000467-1152395305-1387035803-501 - Limited - Disabled)
tonar (S-1-5-21-3396000467-1152395305-1387035803-1001 - Administrator - Enabled) => C:\Users\tonar
WDAGUtilityAccount (S-1-5-21-3396000467-1152395305-1387035803-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.001.20174 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.1.11 - AnyDesk Software GmbH)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.4.6062 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 112.0.21002.138 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3396000467-1152395305-1387035803-1001\...\OneDriveSetup.exe) (Version: 23.086.0423.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.5.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.10.1 (x64 cs)) (Version: 102.10.1 - Mozilla)
NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.33.22.0_x64__kgqvnymyfvs32 [2023-05-05] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.1.5.0_x64__kgqvnymyfvs32 [2023-04-25] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-21] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-18] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0 [2023-05-16] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-05-09] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-05-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-05-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-05-09] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-05-09] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-05-16 16:00 - 2023-05-16 16:00 - 000394240 _____ (Google Inc.) [File not signed] C:\Program Files (x86)\AnyDesk\gcapi.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3396000467-1152395305-1387035803-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8C75B5CA-641F-4E26-AC94-4B4AB8158FC2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4CA06F9F-F7B6-438E-A6A3-27147EC18E34}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5C2AD1DF-5FAE-47D2-919F-46841EE761BE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C01265BC-1689-4001-A85A-A22A6BD29818}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{68AECA83-EDF1-473D-81ED-670B270F1DA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B74A00C1-FBED-455B-A562-E128EEC2DB90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2C2A0A9-D045-4D07-AE0C-95CBEAF4AF1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57765C2F-E58B-45D3-BF81-692A83244FFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80CE5C46-71FE-4C05-A15F-CC4D0A5E0F0D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4F5CDB3-D970-4688-9BF0-9E6D7026FE52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6A276698-F987-43FE-8968-F7C37EA64F2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E34032AC-4696-41EE-B6E1-388075CBCEDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF51B08B-C0DA-4D2C-8C42-79FFC703964A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DC184B53-685C-49A3-8625-1145A11D256B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{36EC77BB-19EC-4477-AD17-57E618AEC639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B9B4DEA-0935-4745-9C05-F3F8E8789B26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09C7AC74-D1A4-4E57-A674-3D08B5357CD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC141F0E-80E2-406C-A05E-3AFA3B9239D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81E0F0F6-BF9D-4C55-836F-973289550E18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9AADF742-1B8B-437B-98F9-503E5F377664}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{E7AB33D6-FE47-40EB-9D9A-E674E1768121}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{E23D3463-B7B0-462C-BD88-E3E24C56A81E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{EBA9F4C3-2BD3-47BF-ADE3-07B5E965671C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{1A8A2F59-C2EE-4447-B65D-A28E5AFFA219}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{908AA5E9-D2DC-4C50-82DB-A6C6ABE0E52A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:96.59 GB) (Free:39.21 GB) (41%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/04/2023 01:11:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2788 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 14c4

Čas spuštění: 01d97e78fac130c4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 5cb233ce-3957-426b-9605-a580a0dcaa5b

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.9.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: ShellFeedsUI

Typ zablokování: Quiesce

Error: (03/11/2023 08:02:30 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: DESKTOP-5USLTSD)
Description: Microsoft.YourPhone_8wekyb3d8bbwe-2147023878

Error: (02/22/2023 12:30:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.23.129.2, časové razítko: 0xb100d2a9
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000008c67f
ID chybujícího procesu: 0xcc4
Čas spuštění chybující aplikace: 0x01d946a8a8dee520
Cesta k chybující aplikaci: C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.023.0129.0002\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 516495d8-b58a-43a9-a348-f97f931b86dc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/17/2023 10:09:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.20.125.3, časové razítko: 0x03b6339d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000008c67f
ID chybujícího procesu: 0x19c8
Čas spuštění chybující aplikace: 0x01d942a729593540
Cesta k chybující aplikaci: C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.020.0125.0003\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: ddffc7af-4c12-490f-aa50-f5466cd5238e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/29/2023 12:59:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.2.102.4, časové razítko: 0x9ff405d5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x1e9c
Čas spuštění chybující aplikace: 0x01d933d0c9b62299
Cesta k chybující aplikaci: C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: b99e9454-3814-4ec1-a5e0-a24799313a2b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/28/2023 01:07:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.2.102.4, časové razítko: 0x9ff405d5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x2388
Čas spuštění chybující aplikace: 0x01d93308ab869975
Cesta k chybující aplikaci: C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: ab8cd8f6-0737-4f8f-9ded-b4f23c133f90
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/27/2023 01:03:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.2.102.4, časové razítko: 0x9ff405d5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x26fc
Čas spuštění chybující aplikace: 0x01d9323efb885928
Cesta k chybující aplikaci: C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: ebdeb3ba-55d6-478e-85b4-c0c55bb16ebb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2023 12:41:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.2.102.4, časové razítko: 0x9ff405d5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x18bc
Čas spuštění chybující aplikace: 0x01d93172cbf94537
Cesta k chybující aplikaci: C:\Users\tonar\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 6847dff9-39f3-4892-9b19-adb39571c422
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/12/2023 09:11:35 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WerSvc se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (05/05/2023 08:02:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5USLTSD)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/21/2023 02:56:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/20/2023 11:21:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5USLTSD)
Description: Server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/20/2023 11:21:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5USLTSD)
Description: Server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/20/2023 11:21:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5USLTSD)
Description: Server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2023 12:28:28 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.

Error: (03/09/2023 12:50:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80248007): 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS.


CodeIntegrity:
===============
Date: 2023-05-16 15:45:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A06 11/03/2010
Motherboard: Dell Inc. 0DFRFW
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 84%
Total physical RAM: 3995.59 MB
Available physical RAM: 615.27 MB
Total Virtual: 5083.59 MB
Available Virtual: 1131.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.59 GB) (Free:39.21 GB) (Model: Apacer AS340 240GB) NTFS
Drive e: (dataSSD) (Fixed) (Total:125.91 GB) (Free:55.62 GB) (Model: Apacer AS340 240GB) NTFS

\\?\Volume{be9d2447-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.11 GB) NTFS
\\?\Volume{be9d2447-0000-0000-0000-004a18000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BE9D2447)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=96.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=511 MB) - (Type=27)
Partition 4: (Not Active) - (Size=125.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 16 kvě 2023 15:57
od Rudy
Zdravím!
Je to fake. Ale zkontrolujeme. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 16 kvě 2023 15:58
od altrok
Ahoj,

:arrow: AnyDesk jsi instaloval úmyslně?

:arrow: Mate vypnutou funkci bodu obnoveni - velice doporucuji tuto funkci zapnout.
  • Kliknete pravym na Tento pocitac -> Vlastnosti -> Upresnit nastaveni systemu -> nahore zalozka Ochrana systemu -> oznacte systemovy disk (vetsinou C: ) -> Konfigurovat -> vyberte Obnovit nastaveni systemu a predchozi verze souboru a ulozte klikem na Pouzit.
  • Pokud si chcete hrat s velikosti mista na disku, ktere je vyuzito body obnoveni, nedoporucuji tuto hranici snizovat pod 1 GB. Pokud mate mista na disku dost, ponechte defaultni 5-10% vyuziti disku.
:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan (Skenovani), pote na Clean (Cisteni)
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 26 kvě 2023 19:36
od dinospages
anydfesk je umyslny, máte k němu nějaké výhrady používám jej hodně na svych zarizenich kde se venuji cryptu a vyuzivam spoustu různých blockchainových browser externsionů atd... je tu někde o tom nějaká sekce. CErlkem by se mi to hodilo..

zde je log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-26-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2965)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [26/05/2023 20:30:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 26 kvě 2023 19:58
od Rudy
ADWC je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3396000467-1152395305-1387035803-1001\...\Run: [3cca1bb530f30c1edd994819dca34c2c] => "C:\Program Files\DVDFab\ExplorerFab\liveUpdate.exe" --run_mode=background_check (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {D122E6E8-C5CE-420E-B80E-07DBD8492D38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Task: {D8EC02BA-6B32-4EB2-ADCF-F67118068B80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp

EmptyTemp:
End
Uložte do C:\Users\tonar\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 05 čer 2023 17:30
od dinospages
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by tonar (05-06-2023 18:17:14) Run:1
Running from C:\Users\tonar\OneDrive\Plocha
Loaded Profiles: tonar
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3396000467-1152395305-1387035803-1001\...\Run: [3cca1bb530f30c1edd994819dca34c2c] => "C:\Program Files\DVDFab\ExplorerFab\liveUpdate.exe" --run_mode=background_check (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {D122E6E8-C5CE-420E-B80E-07DBD8492D38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Task: {D8EC02BA-6B32-4EB2-ADCF-F67118068B80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3396000467-1152395305-1387035803-1001\Software\Microsoft\Windows\CurrentVersion\Run\\3cca1bb530f30c1edd994819dca34c2c" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D122E6E8-C5CE-420E-B80E-07DBD8492D38}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D122E6E8-C5CE-420E-B80E-07DBD8492D38}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8EC02BA-6B32-4EB2-ADCF-F67118068B80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8EC02BA-6B32-4EB2-ADCF-F67118068B80}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 996250689 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2917779 B
Edge => 1888099 B
Chrome => 1834075576 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 295338 B
NetworkService => 295338 B
tonar => 4684012675 B

RecycleBin => 0 B
EmptyTemp: => 7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-06-2023 18:29:37)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 18:29:37 ====

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 05 čer 2023 17:43
od Rudy
Smazáno, log již vypadá OK.

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 06 čer 2023 08:58
od dinospages
OK děkuji

Re: Objevil se zde vir Police ČR - pornografie

Napsal: 06 čer 2023 12:10
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz