Preventive check
Posted: 30 Jun 2023 09:34
It takes a long time for Windows itself to start, and the icons in the taskbar didn't show up at all for me.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2023
Ran by tomas (administrator) on DESKTOP-C5F069G (Dell Inc. Latitude E6220) (30-06-2023 10:02:34)
Running from C:\Users\tomas\Downloads\FRST64.exe
Loaded Profiles: tomas
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3086 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Windows\SoftwareDistribution\Download\Install\UpdatePlatform.amd64fre.exe ->) (Access Denied) [File not signed] C:\Windows\Temp\16662462-DEFE-441F-AAB8-5B1E2223473D\MpSigStub.exe
(explorer.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tomas\AppData\Local\Microsoft\OneDrive\23.114.0530.0001\FileCoAuth.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe <3>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(services.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(services.exe ->) (O2Micro Inc. -> O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(services.exe ->) (TomTom) [File not signed] C:\Program Files\TomTom HOME\TTHOMEService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(wuauclt.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\UpdatePlatform.amd64fre.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME\TTHOMERunner.exe [332288 2022-04-14] (TomTom) [File not signed]
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\HP D811 Status Monitor: hpinkstsD811LM.dll (No File)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\WINDOWS\system32\novamn10.dll [18944 2019-05-08] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.129\Installer\chrmstp.exe [2023-06-02] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1462C419-83AD-453D-9772-F28CB1330B6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3301B68A-A834-4600-BE18-AF84D999FB5E} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2019-05-08] (Softland SRL -> )
Task: {4F41FF5A-40F7-41D1-A240-00AEE732C387} - System32\Tasks\GoogleUpdateTaskMachineCore{681BD2F5-9988-43F6-841C-FE649C0CAE42} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-05] (Google Inc -> Google Inc.)
Task: {5C6ECC10-7590-4E6A-B229-BED56C55D8FC} - System32\Tasks\GoogleUpdateTaskMachineUA{9E931BD6-3C7A-46B3-BA81-A149656A6771} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-05] (Google Inc -> Google Inc.)
Task: {614F4AC8-7414-4B94-8C4D-7360423B98D0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17a47e83-8468-494a-9da0-8634bae68388" --version "6.13.10517" --silent
Task: {97F85B05-F81D-4802-AEE9-F7DE8ADDADC3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A28DF1F1-F4CF-4D4B-B78F-BAD1D02BA0F3} - System32\Tasks\Opera scheduled Autoupdate 1642077456 => C:\Program Files (x86)\Opera\launcher.exe [2708376 2023-06-27] (Opera Norway AS -> Opera Software)
Task: {AD05B793-0A40-46CE-9F9B-A0E5DB4374B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B31A85DD-D4E3-4BA5-8E02-7536B565887E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8E1675D-AAA0-43FF-BD60-9C1A3F66C0E4} - System32\Tasks\CCleanerSkipUAC - tomas => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D8E8B1F9-7348-4975-ACEF-C90E81D9B580} - System32\Tasks\Opera scheduled assistant Autoupdate 1642077492 => C:\Program Files (x86)\Opera\launcher.exe [2708376 2023-06-27] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {EE92282C-F399-47F0-A2B6-B7941A5FF428} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2019-05-08] (Softland SRL -> )
Task: {F0FAB91C-382E-4683-A634-F5F999BFE776} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F150DD67-A4B8-41B6-BE56-C27F60004FB2} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{80701f5f-f89c-4335-abe6-cc8b7eebde60}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{d4e419cf-9e7c-4fc0-8690-1f4d98412ecc}: [DhcpNameServer] 192.168.135.1 8.8.8.8
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tomas\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-30]
Edge Extension: (Edge relevant text changes) - C:\Users\tomas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-19]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2023-06-30]
CHR Notifications: Default -> hxxps://abouthome.cz; hxxps://aukro.cz; hxxps://cafe-ayo.ru; hxxps://device-variety.xyz; hxxps://paratmagazine.com; hxxps://www.amateri.com; hxxps://www.chance.cz; hxxps://www.conrad.cz; hxxps://www.kupi.cz; hxxps://www.megaknihy.cz; hxxps://www.tomtom.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.facebook.com/marketplace/item/34835 ... jn/3391773"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-364587917-2012317419-2455768257-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-364587917-2012317419-2455768257-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable [2023-06-30]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-10]
OPR Extension: (Opera Wallet) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-08]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Opera AI Prompts) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-06-19]
StartMenuInternet: (HKU\S-1-5-21-364587917-2012317419-2455768257-1002) OperaStable - "C:\Program Files (x86)\Opera\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-12] (Dell Inc -> )
R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [815616 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [161280 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-02-04] (HP Inc. -> HP Inc.)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-05-08] (Softland SRL -> Microsoft)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-08-07] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [296448 2011-01-25] (IDT, Inc.) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2022-04-14] (TomTom) [File not signed]
R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [265728 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [19968 2015-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Cypress Semiconductor, Inc.)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 MpKsl0e148001; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [130296 2021-11-16] (Microsoft Windows -> Microsoft Corporation)
R3 O2MDFW8x64; C:\WINDOWS\System32\drivers\O2MDFw8x64.sys [74368 2012-06-15] (O2Micro -> O2Micro)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [23216 2015-01-09] (STMicroelectronics -> ST Microelectronics)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [521728 2011-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-30 10:02 - 2023-06-30 10:05 - 000021033 _____ C:\Users\tomas\Downloads\FRST.txt
2023-06-30 10:01 - 2023-06-30 10:04 - 000000000 ____D C:\FRST
2023-06-30 10:00 - 2023-06-30 10:00 - 002383360 _____ (Farbar) C:\Users\tomas\Downloads\FRST64.exe
2023-06-30 09:59 - 2023-06-30 09:59 - 002084352 _____ (Farbar) C:\Users\tomas\Downloads\FRST.exe
2023-06-30 08:26 - 2023-06-30 08:04 - 000416076 __RSH C:\bootmgr
2023-06-30 08:26 - 2019-12-07 11:08 - 000000001 ___SH C:\BOOTNXT
2023-06-30 07:11 - 2023-06-30 07:11 - 000004180 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1642077456
2023-06-30 07:11 - 2023-06-30 07:11 - 000001245 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-06-30 07:02 - 2023-06-30 07:02 - 000000000 ___HD C:\$WinREAgent
2023-06-30 06:56 - 2023-06-30 06:56 - 000004404 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1642077492
2023-06-19 20:58 - 2023-06-30 06:34 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-19 20:58 - 2023-06-19 20:58 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-19 20:57 - 2023-06-19 20:57 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-19 20:45 - 2023-06-19 20:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-364587917-2012317419-2455768257-1002
2023-06-19 20:45 - 2023-06-19 20:45 - 000002377 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-30 10:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-30 10:02 - 2018-05-19 22:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-30 09:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-30 09:52 - 2021-12-31 10:21 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-30 09:52 - 2018-07-05 21:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-30 09:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-30 09:30 - 2018-05-18 18:05 - 000000000 ___RD C:\Users\tomas\OneDrive
2023-06-30 09:29 - 2021-12-30 09:29 - 000000000 ____D C:\Program Files\CCleaner
2023-06-30 09:28 - 2018-05-18 18:02 - 000000000 ____D C:\Users\tomas\AppData\Local\Packages
2023-06-30 09:27 - 2020-09-25 13:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-30 08:32 - 2020-09-25 13:48 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-30 08:32 - 2019-12-07 16:43 - 000683504 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-30 08:32 - 2019-12-07 16:43 - 000137284 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-30 08:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-30 08:25 - 2021-08-13 07:30 - 000464192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-30 08:24 - 2020-09-25 13:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-30 08:24 - 2018-06-24 11:50 - 000041695 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2023-06-30 08:23 - 2021-12-25 12:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-30 08:23 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-30 08:23 - 2018-05-18 18:07 - 000000000 ____D C:\Program Files (x86)\Opera
2023-06-30 08:20 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-30 08:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-30 08:03 - 2020-09-25 13:34 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-30 07:12 - 2023-01-17 17:51 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-30 06:16 - 2018-05-19 22:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-29 18:23 - 2018-05-19 22:35 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-19 20:47 - 2022-01-24 14:08 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{9E931BD6-3C7A-46B3-BA81-A149656A6771}
2023-06-19 20:47 - 2022-01-24 14:08 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{681BD2F5-9988-43F6-841C-FE649C0CAE42}
2023-06-19 20:45 - 2021-12-11 14:36 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-364587917-2012317419-2455768257-1002
2023-06-19 20:42 - 2020-09-25 13:58 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-19 20:42 - 2020-09-25 13:58 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-02 06:14 - 2018-07-05 21:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by tomas (30-06-2023 10:09:43)
Running from C:\Users\tomas\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3086 (X64) (2020-09-25 11:59:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-364587917-2012317419-2455768257-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-364587917-2012317419-2455768257-503 - Limited - Disabled)
Guest (S-1-5-21-364587917-2012317419-2455768257-501 - Limited - Disabled)
tomas (S-1-5-21-364587917-2012317419-2455768257-1002 - Administrator - Enabled) => C:\Users\tomas
WDAGUtilityAccount (S-1-5-21-364587917-2012317419-2455768257-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824406920}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adventure Pinball Demo (HKLM-x32\...\Adventure Pinball Demo) (Version: - )
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
doPDF (HKLM\...\{09BE69E4-B9AD-447D-8A2F-E1D6CBE9C417}) (Version: 10.1.112 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{f5020cd6-f9e7-47b4-ba38-35989d3528ac}) (Version: 10.1.112 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{F9F53ACC-96EE-49A9-B947-0BDBC9F29A70}) (Version: 10.1.112 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{F274B289-723E-46E4-A2E5-50F9DA00EC92}) (Version: 10.1.112 - Softland)
doPDF 10 Printer Driver (HKLM\...\{F2AA4489-36C5-428A-A715-DD4BFE05361F}) (Version: 10.1.112 - Softland)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{D58993B3-BA5F-4181-8D1C-05D0302398EB}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{C777EAED-CEE8-4AF4-A2DE-2A0FC510481A}) (Version: 40.13.54.81239 - HP)
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15310.1316 - Hewlett-Packard)
HP LaserJet Pro MFP M125-M126 HP Device Toolbox (HKLM-x32\...\{82E7776B-E837-4584-BD0D-E2F54A0F6960}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M125126 Scan HP Scan (HKLM-x32\...\{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 6.2.0.3 (HKLM-x32\...\{C0B9601C-3433-41E2-B681-4C86274F0656}) (Version: 6.2.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\OneDriveSetup.exe) (Version: 23.114.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
OpenOffice 4.1.7 (HKLM-x32\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
Opera Stable 99.0.4788.88 (HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Opera 99.0.4788.88) (Version: 99.0.4788.88 - Opera Software)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF24 Creator 9.0.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0067 - ST Microelectronics)
TomTom HOME 2.21.19.1592948 (HKLM\...\TomTom HOME) (Version: 2.21.19.1592948 - TomTom)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoner Photo Studio 11 (HKLM-x32\...\ZonerPhotoStudio11_CZ_is1) (Version: - ZONER software)
Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2023-06-30] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.3011.0_x64__rz1tebttyb220 [2023-06-30] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-30] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-30] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2018-06-24 16:33 - 2011-01-25 02:57 - 004637184 _____ (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\STLang64.dll
2020-09-25 13:35 - 2011-01-25 02:57 - 000651776 ____N (IDT, Inc.) [File not signed] C:\WINDOWS\system32\stapi64.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2012-06-26 13:08 - 2012-06-26 13:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 11:58 - 2012-06-26 11:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 13:08 - 2012-06-26 13:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2021-04-21 02:18 - 2021-04-21 02:18 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2019-05-08 20:36 - 2019-05-08 20:36 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 22:09 - 2021-06-05 22:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\tomas\OneDrive\Plocha\Poster.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{00672312-EC3D-44EE-A66D-0E6FC002ADCB}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{17F7BF29-E3FF-470E-9A0F-1AB6EA3F207C}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{02FA6FD6-7568-429D-AACE-7EC846D351F6}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{F70174D6-A6F1-463C-99CE-55B98FE40B2E}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{5ADD5DD8-3EE9-439E-A508-C44EB8E19165}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{4BE04637-D304-4B60-B8AA-71BAF90E7CA4}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{6595D54A-E8F6-4C5A-84E6-6F6FD62AF8A8}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{73755297-B5A9-4A0F-9CF1-7C634391105E}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{334ADF65-4AD0-4A40-ADBB-1DB765214C91}] => (Allow) C:\Program Files (x86)\Opera\99.0.4788.24\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{28E4FA73-1176-4AD9-AEDE-73284E33916C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B6BBDD92-6CC9-4059-A37E-81FC820A1ADC}] => (Allow) C:\Program Files (x86)\Opera\99.0.4788.88\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{4A89320A-635F-41AB-BBDA-23CD4313C7F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{602AAECE-7CA6-4464-B127-C9FF57DC77A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{372B088F-DD97-4233-A612-A0B46C725719}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61B716FE-A7CB-4270-9313-C65C9CA854F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B205028B-AF2F-4C14-9D93-C186409B26C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
02-06-2023 07:38:21 Naplánovaný kontrolní bod
30-06-2023 06:52:45 Instalační služba modulů systému Windows
30-06-2023 06:59:17 Instalační služba modulů systému Windows
30-06-2023 07:04:29 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Dell Data Vault Control Device
Description: Dell Data Vault Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Technologies
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/30/2023 07:28:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.2913, časové razítko: 0xfeef270c
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2913, časové razítko: 0xa1c3e870
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012d862
ID chybujícího procesu: 0x1c9c
Čas spuštění chybující aplikace: 0x01d9ab0f9b874e99
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8bfc090b-7083-4a83-b22f-5c0006de49ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2023 06:36:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (3416,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00172.log došlo k chybě -1811 (0xfffff8ed).
Error: (06/30/2023 06:34:33 AM) (Source: USHUpgradeService) (EventID: 2) (User: )
Description: Will not attempt to upgrade CV firmware because there were too many failed firmware upgrades.
Error: (06/19/2023 08:46:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (13072,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\tomas\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/19/2023 08:46:15 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (13072,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\tomas\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/04/2023 08:12:42 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/02/2023 07:37:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (05/21/2023 07:01:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (8536,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\tomas\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (06/30/2023 09:32:40 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-C5F069G)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/30/2023 08:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/30/2023 08:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/30/2023 07:48:04 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby UsoSvc s argumenty Není k dispozici za účelem spuštění serveru:
{9C695035-48D2-4229-8B73-4C70E756E519}
Error: (06/30/2023 07:28:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): 9WZDNCRFJ3PR-MICROSOFT.WINDOWSALARMS.
Error: (06/30/2023 06:48:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Brother - Printer - 4/22/2009 12:00:00 AM - 10.0.17119.1.
Error: (06/30/2023 06:47:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/30/2023 06:47:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2023-06-30 10:09:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\tomas\Downloads\Setup.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-C5F069G\tomas
Název procesu: C:\Users\tomas\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.391.3067.0, AS: 1.391.3067.0, NIS: 1.391.3067.0
Verze modulu: AM: 1.1.23050.3, NIS: 1.1.23050.3
Date: 2023-06-29 18:24:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FCCCD64B-8B37-4019-B571-110BA860FDF8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-04 07:49:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B498BAFA-FEC2-4CA6-BA8A-96767FDC19E5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-03 08:20:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {403FA062-7574-4D2D-A775-FE906A6C5EDC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-01 17:32:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8A9C2F6B-8C5C-4030-A3F5-1B26458012F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-06-30 06:47:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:47:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:47:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:21:15
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:21:15
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2023-03-12 07:38:54
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-11-06 11:52:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A13 11/17/2013
Motherboard: Dell Inc. 0R97MN
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 70%
Total physical RAM: 3977.01 MB
Available physical RAM: 1156.04 MB
Total Virtual: 6537.01 MB
Available Virtual: 2879.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.58 GB) (Free:255.45 GB) (Model: ST320LT007-9ZV142) NTFS ==>[drive with boot components (obtained from BCD)]
\\?\Volume{e91e6299-0000-0000-0000-f0644a000000}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: E91E6299)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=525 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2023
Ran by tomas (administrator) on DESKTOP-C5F069G (Dell Inc. Latitude E6220) (30-06-2023 10:02:34)
Running from C:\Users\tomas\Downloads\FRST64.exe
Loaded Profiles: tomas
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3086 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Windows\SoftwareDistribution\Download\Install\UpdatePlatform.amd64fre.exe ->) (Access Denied) [File not signed] C:\Windows\Temp\16662462-DEFE-441F-AAB8-5B1E2223473D\MpSigStub.exe
(explorer.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tomas\AppData\Local\Microsoft\OneDrive\23.114.0530.0001\FileCoAuth.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe <3>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(services.exe ->) (Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(services.exe ->) (O2Micro Inc. -> O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(services.exe ->) (TomTom) [File not signed] C:\Program Files\TomTom HOME\TTHOMEService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(wuauclt.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\UpdatePlatform.amd64fre.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME\TTHOMERunner.exe [332288 2022-04-14] (TomTom) [File not signed]
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\HP D811 Status Monitor: hpinkstsD811LM.dll (No File)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\WINDOWS\system32\novamn10.dll [18944 2019-05-08] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.129\Installer\chrmstp.exe [2023-06-02] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1462C419-83AD-453D-9772-F28CB1330B6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3301B68A-A834-4600-BE18-AF84D999FB5E} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2019-05-08] (Softland SRL -> )
Task: {4F41FF5A-40F7-41D1-A240-00AEE732C387} - System32\Tasks\GoogleUpdateTaskMachineCore{681BD2F5-9988-43F6-841C-FE649C0CAE42} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-05] (Google Inc -> Google Inc.)
Task: {5C6ECC10-7590-4E6A-B229-BED56C55D8FC} - System32\Tasks\GoogleUpdateTaskMachineUA{9E931BD6-3C7A-46B3-BA81-A149656A6771} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-05] (Google Inc -> Google Inc.)
Task: {614F4AC8-7414-4B94-8C4D-7360423B98D0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17a47e83-8468-494a-9da0-8634bae68388" --version "6.13.10517" --silent
Task: {97F85B05-F81D-4802-AEE9-F7DE8ADDADC3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A28DF1F1-F4CF-4D4B-B78F-BAD1D02BA0F3} - System32\Tasks\Opera scheduled Autoupdate 1642077456 => C:\Program Files (x86)\Opera\launcher.exe [2708376 2023-06-27] (Opera Norway AS -> Opera Software)
Task: {AD05B793-0A40-46CE-9F9B-A0E5DB4374B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B31A85DD-D4E3-4BA5-8E02-7536B565887E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8E1675D-AAA0-43FF-BD60-9C1A3F66C0E4} - System32\Tasks\CCleanerSkipUAC - tomas => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D8E8B1F9-7348-4975-ACEF-C90E81D9B580} - System32\Tasks\Opera scheduled assistant Autoupdate 1642077492 => C:\Program Files (x86)\Opera\launcher.exe [2708376 2023-06-27] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {EE92282C-F399-47F0-A2B6-B7941A5FF428} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2019-05-08] (Softland SRL -> )
Task: {F0FAB91C-382E-4683-A634-F5F999BFE776} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F150DD67-A4B8-41B6-BE56-C27F60004FB2} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{80701f5f-f89c-4335-abe6-cc8b7eebde60}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{d4e419cf-9e7c-4fc0-8690-1f4d98412ecc}: [DhcpNameServer] 192.168.135.1 8.8.8.8
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tomas\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-30]
Edge Extension: (Edge relevant text changes) - C:\Users\tomas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-19]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2023-06-30]
CHR Notifications: Default -> hxxps://abouthome.cz; hxxps://aukro.cz; hxxps://cafe-ayo.ru; hxxps://device-variety.xyz; hxxps://paratmagazine.com; hxxps://www.amateri.com; hxxps://www.chance.cz; hxxps://www.conrad.cz; hxxps://www.kupi.cz; hxxps://www.megaknihy.cz; hxxps://www.tomtom.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.facebook.com/marketplace/item/34835 ... jn/3391773"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-364587917-2012317419-2455768257-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-364587917-2012317419-2455768257-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable [2023-06-30]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-10]
OPR Extension: (Opera Wallet) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-08]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Opera AI Prompts) - C:\Users\tomas\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-06-19]
StartMenuInternet: (HKU\S-1-5-21-364587917-2012317419-2455768257-1002) OperaStable - "C:\Program Files (x86)\Opera\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-12] (Dell Inc -> )
R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [815616 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [161280 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-02-04] (HP Inc. -> HP Inc.)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-05-08] (Softland SRL -> Microsoft)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-08-07] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [296448 2011-01-25] (IDT, Inc.) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2022-04-14] (TomTom) [File not signed]
R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [265728 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [19968 2015-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Cypress Semiconductor, Inc.)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 MpKsl0e148001; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [130296 2021-11-16] (Microsoft Windows -> Microsoft Corporation)
R3 O2MDFW8x64; C:\WINDOWS\System32\drivers\O2MDFw8x64.sys [74368 2012-06-15] (O2Micro -> O2Micro)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [23216 2015-01-09] (STMicroelectronics -> ST Microelectronics)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [521728 2011-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-30 10:02 - 2023-06-30 10:05 - 000021033 _____ C:\Users\tomas\Downloads\FRST.txt
2023-06-30 10:01 - 2023-06-30 10:04 - 000000000 ____D C:\FRST
2023-06-30 10:00 - 2023-06-30 10:00 - 002383360 _____ (Farbar) C:\Users\tomas\Downloads\FRST64.exe
2023-06-30 09:59 - 2023-06-30 09:59 - 002084352 _____ (Farbar) C:\Users\tomas\Downloads\FRST.exe
2023-06-30 08:26 - 2023-06-30 08:04 - 000416076 __RSH C:\bootmgr
2023-06-30 08:26 - 2019-12-07 11:08 - 000000001 ___SH C:\BOOTNXT
2023-06-30 07:11 - 2023-06-30 07:11 - 000004180 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1642077456
2023-06-30 07:11 - 2023-06-30 07:11 - 000001245 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-06-30 07:02 - 2023-06-30 07:02 - 000000000 ___HD C:\$WinREAgent
2023-06-30 06:56 - 2023-06-30 06:56 - 000004404 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1642077492
2023-06-19 20:58 - 2023-06-30 06:34 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-19 20:58 - 2023-06-19 20:58 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-19 20:57 - 2023-06-19 20:57 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-19 20:45 - 2023-06-19 20:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-364587917-2012317419-2455768257-1002
2023-06-19 20:45 - 2023-06-19 20:45 - 000002377 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-30 10:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-30 10:02 - 2018-05-19 22:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-30 09:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-30 09:52 - 2021-12-31 10:21 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-30 09:52 - 2018-07-05 21:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-30 09:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-30 09:30 - 2018-05-18 18:05 - 000000000 ___RD C:\Users\tomas\OneDrive
2023-06-30 09:29 - 2021-12-30 09:29 - 000000000 ____D C:\Program Files\CCleaner
2023-06-30 09:28 - 2018-05-18 18:02 - 000000000 ____D C:\Users\tomas\AppData\Local\Packages
2023-06-30 09:27 - 2020-09-25 13:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-30 08:32 - 2020-09-25 13:48 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-30 08:32 - 2019-12-07 16:43 - 000683504 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-30 08:32 - 2019-12-07 16:43 - 000137284 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-30 08:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-30 08:25 - 2021-08-13 07:30 - 000464192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-30 08:24 - 2020-09-25 13:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-30 08:24 - 2018-06-24 11:50 - 000041695 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2023-06-30 08:23 - 2021-12-25 12:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-30 08:23 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-30 08:23 - 2018-05-18 18:07 - 000000000 ____D C:\Program Files (x86)\Opera
2023-06-30 08:20 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-30 08:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-30 08:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-30 08:03 - 2020-09-25 13:34 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-30 07:12 - 2023-01-17 17:51 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-30 06:16 - 2018-05-19 22:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-29 18:23 - 2018-05-19 22:35 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-19 20:47 - 2022-01-24 14:08 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{9E931BD6-3C7A-46B3-BA81-A149656A6771}
2023-06-19 20:47 - 2022-01-24 14:08 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{681BD2F5-9988-43F6-841C-FE649C0CAE42}
2023-06-19 20:45 - 2021-12-11 14:36 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-364587917-2012317419-2455768257-1002
2023-06-19 20:42 - 2020-09-25 13:58 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-19 20:42 - 2020-09-25 13:58 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-02 06:14 - 2018-07-05 21:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by tomas (30-06-2023 10:09:43)
Running from C:\Users\tomas\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3086 (X64) (2020-09-25 11:59:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-364587917-2012317419-2455768257-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-364587917-2012317419-2455768257-503 - Limited - Disabled)
Guest (S-1-5-21-364587917-2012317419-2455768257-501 - Limited - Disabled)
tomas (S-1-5-21-364587917-2012317419-2455768257-1002 - Administrator - Enabled) => C:\Users\tomas
WDAGUtilityAccount (S-1-5-21-364587917-2012317419-2455768257-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824406920}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adventure Pinball Demo (HKLM-x32\...\Adventure Pinball Demo) (Version: - )
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
doPDF (HKLM\...\{09BE69E4-B9AD-447D-8A2F-E1D6CBE9C417}) (Version: 10.1.112 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{f5020cd6-f9e7-47b4-ba38-35989d3528ac}) (Version: 10.1.112 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{F9F53ACC-96EE-49A9-B947-0BDBC9F29A70}) (Version: 10.1.112 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{F274B289-723E-46E4-A2E5-50F9DA00EC92}) (Version: 10.1.112 - Softland)
doPDF 10 Printer Driver (HKLM\...\{F2AA4489-36C5-428A-A715-DD4BFE05361F}) (Version: 10.1.112 - Softland)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{D58993B3-BA5F-4181-8D1C-05D0302398EB}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{C777EAED-CEE8-4AF4-A2DE-2A0FC510481A}) (Version: 40.13.54.81239 - HP)
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15310.1316 - Hewlett-Packard)
HP LaserJet Pro MFP M125-M126 HP Device Toolbox (HKLM-x32\...\{82E7776B-E837-4584-BD0D-E2F54A0F6960}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M125126 Scan HP Scan (HKLM-x32\...\{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 6.2.0.3 (HKLM-x32\...\{C0B9601C-3433-41E2-B681-4C86274F0656}) (Version: 6.2.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\OneDriveSetup.exe) (Version: 23.114.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
OpenOffice 4.1.7 (HKLM-x32\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation)
Opera Stable 99.0.4788.88 (HKU\S-1-5-21-364587917-2012317419-2455768257-1002\...\Opera 99.0.4788.88) (Version: 99.0.4788.88 - Opera Software)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF24 Creator 9.0.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0067 - ST Microelectronics)
TomTom HOME 2.21.19.1592948 (HKLM\...\TomTom HOME) (Version: 2.21.19.1592948 - TomTom)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoner Photo Studio 11 (HKLM-x32\...\ZonerPhotoStudio11_CZ_is1) (Version: - ZONER software)
Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2023-06-30] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.3011.0_x64__rz1tebttyb220 [2023-06-30] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-30] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-30] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2018-06-24 16:33 - 2011-01-25 02:57 - 004637184 _____ (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\STLang64.dll
2020-09-25 13:35 - 2011-01-25 02:57 - 000651776 ____N (IDT, Inc.) [File not signed] C:\WINDOWS\system32\stapi64.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2012-06-26 13:08 - 2012-06-26 13:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 11:58 - 2012-06-26 11:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 13:08 - 2012-06-26 13:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2021-04-21 02:18 - 2021-04-21 02:18 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2019-05-08 20:36 - 2019-05-08 20:36 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 22:09 - 2021-06-05 22:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-364587917-2012317419-2455768257-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\tomas\OneDrive\Plocha\Poster.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{00672312-EC3D-44EE-A66D-0E6FC002ADCB}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{17F7BF29-E3FF-470E-9A0F-1AB6EA3F207C}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{02FA6FD6-7568-429D-AACE-7EC846D351F6}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{F70174D6-A6F1-463C-99CE-55B98FE40B2E}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{5ADD5DD8-3EE9-439E-A508-C44EB8E19165}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{4BE04637-D304-4B60-B8AA-71BAF90E7CA4}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{6595D54A-E8F6-4C5A-84E6-6F6FD62AF8A8}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{73755297-B5A9-4A0F-9CF1-7C634391105E}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{334ADF65-4AD0-4A40-ADBB-1DB765214C91}] => (Allow) C:\Program Files (x86)\Opera\99.0.4788.24\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{28E4FA73-1176-4AD9-AEDE-73284E33916C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B6BBDD92-6CC9-4059-A37E-81FC820A1ADC}] => (Allow) C:\Program Files (x86)\Opera\99.0.4788.88\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{4A89320A-635F-41AB-BBDA-23CD4313C7F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{602AAECE-7CA6-4464-B127-C9FF57DC77A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{372B088F-DD97-4233-A612-A0B46C725719}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61B716FE-A7CB-4270-9313-C65C9CA854F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B205028B-AF2F-4C14-9D93-C186409B26C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
02-06-2023 07:38:21 Naplánovaný kontrolní bod
30-06-2023 06:52:45 Instalační služba modulů systému Windows
30-06-2023 06:59:17 Instalační služba modulů systému Windows
30-06-2023 07:04:29 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Dell Data Vault Control Device
Description: Dell Data Vault Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Technologies
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/30/2023 07:28:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.2913, časové razítko: 0xfeef270c
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2913, časové razítko: 0xa1c3e870
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012d862
ID chybujícího procesu: 0x1c9c
Čas spuštění chybující aplikace: 0x01d9ab0f9b874e99
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8bfc090b-7083-4a83-b22f-5c0006de49ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2023 06:36:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (3416,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00172.log došlo k chybě -1811 (0xfffff8ed).
Error: (06/30/2023 06:34:33 AM) (Source: USHUpgradeService) (EventID: 2) (User: )
Description: Will not attempt to upgrade CV firmware because there were too many failed firmware upgrades.
Error: (06/19/2023 08:46:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (13072,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\tomas\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/19/2023 08:46:15 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (13072,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\tomas\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/04/2023 08:12:42 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/02/2023 07:37:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (05/21/2023 07:01:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (8536,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\tomas\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (06/30/2023 09:32:40 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-C5F069G)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/30/2023 08:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/30/2023 08:31:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/30/2023 07:48:04 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby UsoSvc s argumenty Není k dispozici za účelem spuštění serveru:
{9C695035-48D2-4229-8B73-4C70E756E519}
Error: (06/30/2023 07:28:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): 9WZDNCRFJ3PR-MICROSOFT.WINDOWSALARMS.
Error: (06/30/2023 06:48:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Brother - Printer - 4/22/2009 12:00:00 AM - 10.0.17119.1.
Error: (06/30/2023 06:47:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/30/2023 06:47:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DellWAL neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2023-06-30 10:09:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\tomas\Downloads\Setup.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-C5F069G\tomas
Název procesu: C:\Users\tomas\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.391.3067.0, AS: 1.391.3067.0, NIS: 1.391.3067.0
Verze modulu: AM: 1.1.23050.3, NIS: 1.1.23050.3
Date: 2023-06-29 18:24:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FCCCD64B-8B37-4019-B571-110BA860FDF8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-04 07:49:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B498BAFA-FEC2-4CA6-BA8A-96767FDC19E5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-03 08:20:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {403FA062-7574-4D2D-A775-FE906A6C5EDC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-01 17:32:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8A9C2F6B-8C5C-4030-A3F5-1B26458012F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-06-30 06:47:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:47:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:47:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:21:15
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-06-30 06:21:15
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.386.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2023-03-12 07:38:54
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-11-06 11:52:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A13 11/17/2013
Motherboard: Dell Inc. 0R97MN
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 70%
Total physical RAM: 3977.01 MB
Available physical RAM: 1156.04 MB
Total Virtual: 6537.01 MB
Available Virtual: 2879.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.58 GB) (Free:255.45 GB) (Model: ST320LT007-9ZV142) NTFS ==>[drive with boot components (obtained from BCD)]
\\?\Volume{e91e6299-0000-0000-0000-f0644a000000}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: E91E6299)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=525 MB) - (Type=27)
==================== End of Addition.txt =======================